USN-6006-1: .NET vulnerability

Releases

• Ubuntu 22.10
• Ubuntu 22.04 LTS

Packages

• dotnet6 - dotNET CLI tools and runtime
• dotnet7 - dotNET CLI tools and runtime

Details

It was discovered that .NET did not properly manage dll files. An
attacker could potentially use this issue to execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.10

• aspnetcore-runtime-6.0 - 6.0.116-0ubuntu1~22.10.1
• dotnet-hostfxr-7.0 - 7.0.105-0ubuntu1~22.10.1
• dotnet-hostfxr-6.0 - 6.0.116-0ubuntu1~22.10.1
• dotnet-host - 6.0.116-0ubuntu1~22.10.1
• dotnet-sdk-6.0 - 6.0.116-0ubuntu1~22.10.1
• dotnet-sdk-7.0 - 7.0.105-0ubuntu1~22.10.1
• dotnet7 - 7.0.105-0ubuntu1~22.10.1
• dotnet6 - 6.0.116-0ubuntu1~22.10.1
• aspnetcore-runtime-7.0 - 7.0.105-0ubuntu1~22.10.1
• dotnet-runtime-7.0 - 7.0.105-0ubuntu1~22.10.1
• dotnet-runtime-6.0 - 6.0.116-0ubuntu1~22.10.1
• dotnet-host-7.0 - 7.0.105-0ubuntu1~22.10.1

Ubuntu 22.04

• aspnetcore-runtime-6.0 - 6.0.116-0ubuntu1~22.04.1
• dotnet-hostfxr-6.0 - 6.0.116-0ubuntu1~22.04.1
• dotnet6 - 6.0.116-0ubuntu1~22.04.1
• dotnet-runtime-6.0 - 6.0.116-0ubuntu1~22.04.1
• dotnet-sdk-6.0 - 6.0.116-0ubuntu1~22.04.1
• dotnet-host - 6.0.116-0ubuntu1~22.04.1

In general, a standard system update will make all the necessary changes.

References

• CVE-2023-28260