Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 596
Alerts This Week
Warning Icon 1 596

Ubuntu 26.04 LTS .NET Critical Privilege Escalation DoS Vuln 8553-1

ubuntu
Calendar Grey July 15, 2026
Dist Ubuntu Esm H88
Multiple security issues addressed in .NET affecting Ubuntu distributions. Immediate updates recommended for safety.
Several security issues were fixed in .NET.

Summary

Several security issues were fixed in .NET.

Software Description:

- dotnet10: .NET CLI tools and runtime

- dotnet8: .NET CLI tools and runtime

Details:

Artur Stetsko discovered that the .NET did not properly validate

authentication data. An attacker could possibly use this issue to elevate

privileges. (CVE-2026-47300)

Levi Broderick discovered that .NET did not properly handle XML encryption

during parsing. An attacker could possibly use this issue to consume

excessive resources, resulting in a denial of service. (CVE-2026-47302)

Pham Quang Minh discovered that .NET did not properly parse

authentication data. An attacker could possibly use this issue to bypass

authentication and elevate privileges. (CVE-2026-47303)

Levi Broderick discovered that .NET did not properly verify cryptographic

signatures during XML encryption. An attacker could possibly use this issue

to bypass security features over a network and access encrypted data.

(CVE-2026-47304)

It was discovered that .NET...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  aspnetcore-runtime-10.0         10.0.10-0ubuntu1~26.04.1
  dotnet-host-10.0                10.0.10-0ubuntu1~26.04.1
  dotnet-hostfxr-10.0             10.0.10-0ubuntu1~26.04.1
  dotnet-runtime-10.0             10.0.10-0ubuntu1~26.04.1
  dotnet-sdk-10.0                 10.0.110-0ubuntu1~26.04.1
  dotnet-sdk-aot-10.0             10.0.110-0ubuntu1~26.04.1
  dotnet10                        10.0.110-10.0.10-0ubuntu1~26.04.1

Ubuntu 24.04 LTS
  aspnetcore-runtime-10.0         10.0.10-0ubuntu1~24.04.1
  aspnetcore-runtime-8.0          8.0.29-0ubuntu1~24.04.1
  dotnet-host-10.0                10.0.10-0ubuntu1~24.04.1
  dotnet-host-8.0                 8.0.29-0ubuntu1~24.04.1
  dotnet-hostfxr-10.0             10.0.10-0ubuntu1~24.04.1
  dotnet-hostfxr-8.0              8.0.29-0ubuntu1~24.04.1
  dotnet-runtime-10.0             10.0.10-0ubuntu1~24.04.1
  dotnet-runtime-8.0              8.0.29-0ubuntu1~24.04.1
  dotnet-sdk-10.0                 10.0.110-0ubuntu1~24.04.1
  dotnet-sdk-8.0                  8.0.129-0ubuntu1~24.04.1
  dotnet-sdk-aot-10.0             10.0.110-0ubuntu1~24.04.1
  dotnet10                        10.0.110-10.0.10-0ubuntu1~24.04.1
  dotnet8                         8.0.129-8.0.29-0ubuntu1~24.04.1

Ubuntu 22.04 LTS
  aspnetcore-runtime-8.0          8.0.29-0ubuntu1~22.04.1
  dotnet-host-8.0                 8.0.29-0ubuntu1~22.04.1
  dotnet-hostfxr-8.0              8.0.29-0ubuntu1~22.04.1
  dotnet-runtime-8.0              8.0.29-0ubuntu1~22.04.1
  dotnet-sdk-8.0                  8.0.129-0ubuntu1~22.04.1
  dotnet8                         8.0.129-8.0.29-0ubuntu1~22.04.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8553-1

CVE-2026-47300, CVE-2026-47302, CVE-2026-47303, CVE-2026-47304,

CVE-2026-50524, CVE-2026-50525, CVE-2026-50526, CVE-2026-50527,

CVE-2026-50528, CVE-2026-50648, CVE-2026-50651, CVE-2026-50659,

CVE-2026-57108

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8553-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.