AlmaLinux 9 : .NET 9.0 (ALSA-2024:9543)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:9543 advisory. dotnet: Type confusion vulnerability leads to AV in .NET Core NrbfDecoder component CVE-2024-43498 dotnet: .NET Core - DoS - unbounded work factor in...

USN-7105-1: .NET vulnerabilities

It was discovered that the NrbfDecoder component in .NET did not properly handle an instance of a type confusion vulnerability. An authenticated attacker could possibly use this issue to gain the privileges of another user and execute arbitrary code. CVE-2024-43498 It was discovered that the...