What is the severity of RHSA-2024:0827?

The severity of RHSA-2024:0827 is classified as important.

How do I fix RHSA-2024:0827?

To fix RHSA-2024:0827, update to the latest available versions of the affected .NET packages.

Which software is affected by RHSA-2024:0827?

RHSA-2024:0827 affects various Red Hat products including Red Hat Enterprise Linux and Red Hat CodeReady Linux Builder.

What versions of .NET address the vulnerability in RHSA-2024:0827?

The updated versions addressing the vulnerability are .NET SDK 8.0.102 and other related packages.

Is RHSA-2024:0827 related to any specific Red Hat platforms?

Yes, RHSA-2024:0827 affects multiple architectures including x86_64, ARM 64, Power, and IBM z Systems.

Vulnerability/
RHSA-2024:0827

high

15/2/2024

23/2/2024

RHSA-2024:0827: Important: .NET 8.0 security update

First published: Thu Feb 15 2024(Updated: )

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.<br>New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.102 and .NET Runtime 8.0.2.<br>Security Fix(es):<br><li> dotnet: Denial of Service in SignalR server (CVE-2024-21386)</li> <li> dotnet: Denial of Service in X509Certificate2 (CVE-2024-21404)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/dotnet8.0	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/aspnetcore-runtime	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/aspnetcore-runtime-dbg	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/aspnetcore-targeting-pack	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/dotnet-apphost-pack	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-apphost-pack	<8.0-debuginfo-8.0.2-2.el8_9	8.0-debuginfo-8.0.2-2.el8_9
redhat/dotnet-host	<8.0.2-2.el8_9	8.0.2-2.el8_9
redhat/dotnet-host-debuginfo	<8.0.2-2.el8_9	8.0.2-2.el8_9
redhat/dotnet-hostfxr	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-hostfxr	<8.0-debuginfo-8.0.2-2.el8_9	8.0-debuginfo-8.0.2-2.el8_9
redhat/dotnet-runtime	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-runtime	<8.0-debuginfo-8.0.2-2.el8_9	8.0-debuginfo-8.0.2-2.el8_9
redhat/dotnet-runtime-dbg	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-sdk	<8.0-8.0.102-2.el8_9	8.0-8.0.102-2.el8_9
redhat/dotnet-sdk	<8.0-debuginfo-8.0.102-2.el8_9	8.0-debuginfo-8.0.102-2.el8_9
redhat/dotnet-sdk-dbg	<8.0-8.0.102-2.el8_9	8.0-8.0.102-2.el8_9
redhat/dotnet-targeting-pack	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-templates	<8.0-8.0.102-2.el8_9	8.0-8.0.102-2.el8_9
redhat/dotnet8.0-debuginfo	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/dotnet8.0-debugsource	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/netstandard-targeting-pack	<2.1-8.0.102-2.el8_9	2.1-8.0.102-2.el8_9
redhat/aspnetcore-runtime	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/aspnetcore-runtime-dbg	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/aspnetcore-targeting-pack	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/dotnet-apphost-pack	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-apphost-pack	<8.0-debuginfo-8.0.2-2.el8_9	8.0-debuginfo-8.0.2-2.el8_9
redhat/dotnet-host	<8.0.2-2.el8_9	8.0.2-2.el8_9
redhat/dotnet-host-debuginfo	<8.0.2-2.el8_9	8.0.2-2.el8_9
redhat/dotnet-hostfxr	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-hostfxr	<8.0-debuginfo-8.0.2-2.el8_9	8.0-debuginfo-8.0.2-2.el8_9
redhat/dotnet-runtime	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-runtime	<8.0-debuginfo-8.0.2-2.el8_9	8.0-debuginfo-8.0.2-2.el8_9
redhat/dotnet-runtime-dbg	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-sdk	<8.0-8.0.102-2.el8_9	8.0-8.0.102-2.el8_9
redhat/dotnet-sdk	<8.0-debuginfo-8.0.102-2.el8_9	8.0-debuginfo-8.0.102-2.el8_9
redhat/dotnet-sdk-dbg	<8.0-8.0.102-2.el8_9	8.0-8.0.102-2.el8_9
redhat/dotnet-targeting-pack	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-templates	<8.0-8.0.102-2.el8_9	8.0-8.0.102-2.el8_9
redhat/dotnet8.0-debuginfo	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/dotnet8.0-debugsource	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/netstandard-targeting-pack	<2.1-8.0.102-2.el8_9	2.1-8.0.102-2.el8_9
redhat/aspnetcore-runtime	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/aspnetcore-runtime-dbg	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/aspnetcore-targeting-pack	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/dotnet-apphost-pack	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-apphost-pack	<8.0-debuginfo-8.0.2-2.el8_9	8.0-debuginfo-8.0.2-2.el8_9
redhat/dotnet-host	<8.0.2-2.el8_9	8.0.2-2.el8_9
redhat/dotnet-host-debuginfo	<8.0.2-2.el8_9	8.0.2-2.el8_9
redhat/dotnet-hostfxr	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-hostfxr	<8.0-debuginfo-8.0.2-2.el8_9	8.0-debuginfo-8.0.2-2.el8_9
redhat/dotnet-runtime	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-runtime	<8.0-debuginfo-8.0.2-2.el8_9	8.0-debuginfo-8.0.2-2.el8_9
redhat/dotnet-runtime-dbg	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-sdk	<8.0-8.0.102-2.el8_9	8.0-8.0.102-2.el8_9
redhat/dotnet-sdk	<8.0-debuginfo-8.0.102-2.el8_9	8.0-debuginfo-8.0.102-2.el8_9
redhat/dotnet-sdk-dbg	<8.0-8.0.102-2.el8_9	8.0-8.0.102-2.el8_9
redhat/dotnet-targeting-pack	<8.0-8.0.2-2.el8_9	8.0-8.0.2-2.el8_9
redhat/dotnet-templates	<8.0-8.0.102-2.el8_9	8.0-8.0.102-2.el8_9
redhat/dotnet8.0-debuginfo	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/dotnet8.0-debugsource	<8.0.102-2.el8_9	8.0.102-2.el8_9
redhat/netstandard-targeting-pack	<2.1-8.0.102-2.el8_9	2.1-8.0.102-2.el8_9
redhat/aspnetcore-runtime	<8.0-8.0.2-2.el8_9.aa	8.0-8.0.2-2.el8_9.aa
redhat/aspnetcore-runtime-dbg	<8.0-8.0.2-2.el8_9.aa	8.0-8.0.2-2.el8_9.aa
redhat/aspnetcore-targeting-pack	<8.0-8.0.2-2.el8_9.aa	8.0-8.0.2-2.el8_9.aa
redhat/dotnet	<8.0.102-2.el8_9.aa	8.0.102-2.el8_9.aa
redhat/dotnet-apphost-pack	<8.0-8.0.2-2.el8_9.aa	8.0-8.0.2-2.el8_9.aa
redhat/dotnet-apphost-pack	<8.0-debuginfo-8.0.2-2.el8_9.aa	8.0-debuginfo-8.0.2-2.el8_9.aa
redhat/dotnet-host	<8.0.2-2.el8_9.aa	8.0.2-2.el8_9.aa
redhat/dotnet-host-debuginfo	<8.0.2-2.el8_9.aa	8.0.2-2.el8_9.aa
redhat/dotnet-hostfxr	<8.0-8.0.2-2.el8_9.aa	8.0-8.0.2-2.el8_9.aa
redhat/dotnet-hostfxr	<8.0-debuginfo-8.0.2-2.el8_9.aa	8.0-debuginfo-8.0.2-2.el8_9.aa
redhat/dotnet-runtime	<8.0-8.0.2-2.el8_9.aa	8.0-8.0.2-2.el8_9.aa
redhat/dotnet-runtime	<8.0-debuginfo-8.0.2-2.el8_9.aa	8.0-debuginfo-8.0.2-2.el8_9.aa
redhat/dotnet-runtime-dbg	<8.0-8.0.2-2.el8_9.aa	8.0-8.0.2-2.el8_9.aa
redhat/dotnet-sdk	<8.0-8.0.102-2.el8_9.aa	8.0-8.0.102-2.el8_9.aa
redhat/dotnet-sdk	<8.0-debuginfo-8.0.102-2.el8_9.aa	8.0-debuginfo-8.0.102-2.el8_9.aa
redhat/dotnet-sdk-dbg	<8.0-8.0.102-2.el8_9.aa	8.0-8.0.102-2.el8_9.aa
redhat/dotnet-targeting-pack	<8.0-8.0.2-2.el8_9.aa	8.0-8.0.2-2.el8_9.aa
redhat/dotnet-templates	<8.0-8.0.102-2.el8_9.aa	8.0-8.0.102-2.el8_9.aa
redhat/dotnet8.0-debuginfo	<8.0.102-2.el8_9.aa	8.0.102-2.el8_9.aa
redhat/dotnet8.0-debugsource	<8.0.102-2.el8_9.aa	8.0.102-2.el8_9.aa
redhat/netstandard-targeting-pack	<2.1-8.0.102-2.el8_9.aa	2.1-8.0.102-2.el8_9.aa
redhat/dotnet-sdk	<8.0-source-built-artifacts-8.0.102-2.el8_9	8.0-source-built-artifacts-8.0.102-2.el8_9
redhat/dotnet-sdk	<8.0-source-built-artifacts-8.0.102-2.el8_9	8.0-source-built-artifacts-8.0.102-2.el8_9
redhat/dotnet-sdk	<8.0-source-built-artifacts-8.0.102-2.el8_9.aa	8.0-source-built-artifacts-8.0.102-2.el8_9.aa
redhat/dotnet-sdk	<8.0-source-built-artifacts-8.0.102-2.el8_9	8.0-source-built-artifacts-8.0.102-2.el8_9
Red Hat Red Hat CodeReady Linux Builder for ARM 64
Red Hat Enterprise Linux 8
Red Hat Red Hat Enterprise Linux for Power, little endian
Red Hat Enterprise Linux for IBM z Systems
Red Hat Enterprise Linux 8
Red Hat Red Hat CodeReady Linux Builder for x86_64
Red Hat Red Hat CodeReady Linux Builder for Power, little endian
Red Hat Red Hat CodeReady Linux Builder for IBM z Systems

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2024:0827?
The severity of RHSA-2024:0827 is classified as important.
How do I fix RHSA-2024:0827?
To fix RHSA-2024:0827, update to the latest available versions of the affected .NET packages.
Which software is affected by RHSA-2024:0827?
RHSA-2024:0827 affects various Red Hat products including Red Hat Enterprise Linux and Red Hat CodeReady Linux Builder.
What versions of .NET address the vulnerability in RHSA-2024:0827?
The updated versions addressing the vulnerability are .NET SDK 8.0.102 and other related packages.
Is RHSA-2024:0827 related to any specific Red Hat platforms?
Yes, RHSA-2024:0827 affects multiple architectures including x86_64, ARM 64, Power, and IBM z Systems.

agent/severity
agent/type
agent/title
agent/last-modified-date
agent/remedy
agent/description
agent/references
agent/first-publish-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2024:0827
agent/software-canonical-lookup
agent/source
agent/softwarecombine
agent/tags
agent/event
collector/redhat-errata-latest
agent/software-canonical-lookup-request
package-manager/redhat
vendor/red hat
canonical/red hat red hat codeready linux builder for arm 64
canonical/red hat enterprise linux 8
canonical/red hat red hat enterprise linux for power, little endian
canonical/red hat enterprise linux for ibm z systems
canonical/red hat red hat codeready linux builder for x86_64
canonical/red hat red hat codeready linux builder for power, little endian
canonical/red hat red hat codeready linux builder for ibm z systems