Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:0158 - Security Advisory
Issued:
2024-01-10
Updated:
2024-01-10

RHSA-2024:0158 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: .NET 6.0 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.126 and .NET Runtime 6.0.26.

Security Fix(es):

  • dotnet: Information Disclosure: MD.SqlClient(MDS) & System.data.SQLClient (SDS) (CVE-2024-0056)
  • dotnet: X509 Certificates - Validation Bypass across Azure (CVE-2024-0057)
  • dotnet: .NET Denial of Service Vulnerability (CVE-2024-21319)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x

Fixes

  • BZ - 2255384 - CVE-2024-0056 dotnet: Information Disclosure: MD.SqlClient(MDS) & System.data.SQLClient (SDS)
  • BZ - 2255386 - CVE-2024-0057 dotnet: X509 Certificates - Validation Bypass across Azure
  • BZ - 2257566 - CVE-2024-21319 dotnet: .NET Denial of Service Vulnerability

CVEs

  • CVE-2023-46233
  • CVE-2024-0056
  • CVE-2024-0057
  • CVE-2024-21319

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
dotnet6.0-6.0.126-1.el8_9.src.rpm SHA-256: b768ff78a61fcb6ba21a4d5ad1010876857e39c4de884bbbfcf381dc233b665a
x86_64
aspnetcore-runtime-6.0-6.0.26-1.el8_9.x86_64.rpm SHA-256: f122c5c35522af6e695fa41ed5e37cc7a5c51e2d0c080057be152c4b07bc16af
aspnetcore-targeting-pack-6.0-6.0.26-1.el8_9.x86_64.rpm SHA-256: 8e7d1125ada4dd0b1be4f3a0dfdfdd9a625259729be9506d28924a7d9f7452ca
dotnet-apphost-pack-6.0-6.0.26-1.el8_9.x86_64.rpm SHA-256: 67afe11e5094950762e69c8bcb5049f09d4a1d973866e8267c77217bae56dd57
dotnet-apphost-pack-6.0-debuginfo-6.0.26-1.el8_9.x86_64.rpm SHA-256: ce4944f8e08f1516549cd0ee217cb51b132a1b7ea17ffe120474566b7b252198
dotnet-hostfxr-6.0-6.0.26-1.el8_9.x86_64.rpm SHA-256: 6f81e7cc2073f10ee0d7d91ef386ea95719853dd047403b5986c8d46846c1002
dotnet-hostfxr-6.0-debuginfo-6.0.26-1.el8_9.x86_64.rpm SHA-256: a890afbe164177daea8b4a7feb268ab1b2ff7290cfe0066dad94ae343bd993ab
dotnet-runtime-6.0-6.0.26-1.el8_9.x86_64.rpm SHA-256: b119ca44d7b54eaa3c24313da8a872bdff1ad04cef8536da7ea6e1c6db2bf5a7
dotnet-runtime-6.0-debuginfo-6.0.26-1.el8_9.x86_64.rpm SHA-256: 7efa3d8ef1fb1e79c53b97b20210db432bd2c835c965caee83213ab395af87b9
dotnet-sdk-6.0-6.0.126-1.el8_9.x86_64.rpm SHA-256: 4642f1b963828109fa7235223d0812b28c8a2852296709cb4b14ef784e1dda45
dotnet-sdk-6.0-debuginfo-6.0.126-1.el8_9.x86_64.rpm SHA-256: e1df949e1bb4a2457cdac5c4318f94bf3b74fac54f2fcd76955e90519b651da1
dotnet-targeting-pack-6.0-6.0.26-1.el8_9.x86_64.rpm SHA-256: d9f2543a7ce68850f5b8275fc433bc75202da446c421980f8715c391a53d3b86
dotnet-templates-6.0-6.0.126-1.el8_9.x86_64.rpm SHA-256: 5598964cd5ed7de2afdaa638362684eb681848a61ebe8518ac0f108144441769
dotnet6.0-debuginfo-6.0.126-1.el8_9.x86_64.rpm SHA-256: fb6409fd90d40d5f2148feba2fad026eeed39ad3e896889e8a009de3685a45fa
dotnet6.0-debugsource-6.0.126-1.el8_9.x86_64.rpm SHA-256: fb23065b72ef21e8c3faccd30377c0a6300134caf1939239e1a7dd287c3224e7

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
dotnet6.0-6.0.126-1.el8_9.src.rpm SHA-256: b768ff78a61fcb6ba21a4d5ad1010876857e39c4de884bbbfcf381dc233b665a
s390x
aspnetcore-runtime-6.0-6.0.26-1.el8_9.s390x.rpm SHA-256: fe33cde2a3cc503031aa7d37f1f8076a8b36df7c3257affad31ddf7721ed85a3
aspnetcore-targeting-pack-6.0-6.0.26-1.el8_9.s390x.rpm SHA-256: 91cceba1cb5f7424e4153e3963494587ead171f9acf5cf051c8baaf481a32564
dotnet-apphost-pack-6.0-6.0.26-1.el8_9.s390x.rpm SHA-256: b2ba1a94edc9929c77e6f608f7b6d24226733ebb11c503a5ae9f1e402f6c7b6f
dotnet-apphost-pack-6.0-debuginfo-6.0.26-1.el8_9.s390x.rpm SHA-256: 6edf52589a6d1a9442ee88960339ea001b529d25435c5dd0769b32b01aa68237
dotnet-hostfxr-6.0-6.0.26-1.el8_9.s390x.rpm SHA-256: ebff7cbd2a0a5cf1b0ba4efc381ca4f370e24ae11ad6572e0db379d9f884a8b1
dotnet-hostfxr-6.0-debuginfo-6.0.26-1.el8_9.s390x.rpm SHA-256: 59b1f26ccf3d16c6e5b14b2a13fd833b91f2bfd8030a3e591599b5c14de166e3
dotnet-runtime-6.0-6.0.26-1.el8_9.s390x.rpm SHA-256: 25240de41cfe750c68d5ad664243b0309f2c15fb96e819502e831222bbfdda68
dotnet-runtime-6.0-debuginfo-6.0.26-1.el8_9.s390x.rpm SHA-256: 00cf7d0ca49cb1776cd58db0ecfe2c60bd12c1a79305aaf5a774042c44e08b0b
dotnet-sdk-6.0-6.0.126-1.el8_9.s390x.rpm SHA-256: 3777bffa79798e21cdac14f473805f79c260b88b1badaa04aecd0b2dc1d15771
dotnet-sdk-6.0-debuginfo-6.0.126-1.el8_9.s390x.rpm SHA-256: dc25b90e0b704cd87b4df313a7012dc2a4d820b0e8692b39398d381490b89114
dotnet-targeting-pack-6.0-6.0.26-1.el8_9.s390x.rpm SHA-256: 0f80a1fae8578507babb563666909fe02646113b70764cf85cb89a3786e75c20
dotnet-templates-6.0-6.0.126-1.el8_9.s390x.rpm SHA-256: 6799d04d1156ab33774a81a6ac9287f47d199049c265aac5fdfe16d07f574884
dotnet6.0-debuginfo-6.0.126-1.el8_9.s390x.rpm SHA-256: 08b269bc04f33f6243f55027189cd1b23afa97c6ae9fc518999ffd28eade0097
dotnet6.0-debugsource-6.0.126-1.el8_9.s390x.rpm SHA-256: b553d59efa699175fc2c733ca83e0b8cbbc2152306e00b9501b69c9fca15fbda

Red Hat Enterprise Linux for ARM 64 8

SRPM
dotnet6.0-6.0.126-1.el8_9.src.rpm SHA-256: b768ff78a61fcb6ba21a4d5ad1010876857e39c4de884bbbfcf381dc233b665a
aarch64
aspnetcore-runtime-6.0-6.0.26-1.el8_9.aarch64.rpm SHA-256: beeaeadfbc448839362b7ee5a8b2cddc873c96fa3cf46b4f0d135d2058fcbfb5
aspnetcore-targeting-pack-6.0-6.0.26-1.el8_9.aarch64.rpm SHA-256: 716226e0f1e563d6b18b84ef6fc7e1d98d4b82420e8f2b635601481949dcabc3
dotnet-apphost-pack-6.0-6.0.26-1.el8_9.aarch64.rpm SHA-256: f1b4a30f04be4cf66ec42006a94196569215505d22e521183a1fdfe8fb18879b
dotnet-apphost-pack-6.0-debuginfo-6.0.26-1.el8_9.aarch64.rpm SHA-256: 354434ba9c40a55dbde90211885b6ce4314b01e074084a4f7a12e7d27a304fe8
dotnet-hostfxr-6.0-6.0.26-1.el8_9.aarch64.rpm SHA-256: 0700dcb0ddfb6cb8451cadc59d8ec6319c8231e975dcbf7d2c7c971ab3f9dc47
dotnet-hostfxr-6.0-debuginfo-6.0.26-1.el8_9.aarch64.rpm SHA-256: e6706c74324499e78dfd80f2de98f76599655cff7b207a163bdebd0caa4dd816
dotnet-runtime-6.0-6.0.26-1.el8_9.aarch64.rpm SHA-256: c748dd0a7b4937bdb3895320d1f516a72b2ae06e9f6eda6568b3760eef784b62
dotnet-runtime-6.0-debuginfo-6.0.26-1.el8_9.aarch64.rpm SHA-256: f9b1fc46b38688e590e88d06ae544dd6dc50d642c8e6988ebc93fb3aa0a2b4f0
dotnet-sdk-6.0-6.0.126-1.el8_9.aarch64.rpm SHA-256: 1b870ad0529f2458c52510c006b02fd91086cf96ea860d57c5c43997e422b740
dotnet-sdk-6.0-debuginfo-6.0.126-1.el8_9.aarch64.rpm SHA-256: d10c986a658df1efecf617fc08cf23a4e9ff2de5a96ab149836b794a1107f283
dotnet-targeting-pack-6.0-6.0.26-1.el8_9.aarch64.rpm SHA-256: a36389651e3f92b757307cd3130468295a88e3cbdf5a2cc1f487a28c8c6b5355
dotnet-templates-6.0-6.0.126-1.el8_9.aarch64.rpm SHA-256: 264d9eb8e205b5a8220293a9d6655ac57ecec987e1d9ed0fd365e72ed13050ca
dotnet6.0-debuginfo-6.0.126-1.el8_9.aarch64.rpm SHA-256: 0e45a5c696a796e4d5af1cdfbbb7a6c8085f4d4b132419a773c17efd80cf4e51
dotnet6.0-debugsource-6.0.126-1.el8_9.aarch64.rpm SHA-256: 1d6cc57983870adf58c31ad02a799b0ce85b7ef25df0f62fde50282f7ae42718

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
x86_64
dotnet-apphost-pack-6.0-debuginfo-6.0.26-1.el8_9.x86_64.rpm SHA-256: ce4944f8e08f1516549cd0ee217cb51b132a1b7ea17ffe120474566b7b252198
dotnet-hostfxr-6.0-debuginfo-6.0.26-1.el8_9.x86_64.rpm SHA-256: a890afbe164177daea8b4a7feb268ab1b2ff7290cfe0066dad94ae343bd993ab
dotnet-runtime-6.0-debuginfo-6.0.26-1.el8_9.x86_64.rpm SHA-256: 7efa3d8ef1fb1e79c53b97b20210db432bd2c835c965caee83213ab395af87b9
dotnet-sdk-6.0-debuginfo-6.0.126-1.el8_9.x86_64.rpm SHA-256: e1df949e1bb4a2457cdac5c4318f94bf3b74fac54f2fcd76955e90519b651da1
dotnet-sdk-6.0-source-built-artifacts-6.0.126-1.el8_9.x86_64.rpm SHA-256: 647e0924bf4fd69a0c7e12af75ac5345543f91cc59fb2f213a13b342fd8c57d7
dotnet6.0-debuginfo-6.0.126-1.el8_9.x86_64.rpm SHA-256: fb6409fd90d40d5f2148feba2fad026eeed39ad3e896889e8a009de3685a45fa
dotnet6.0-debugsource-6.0.126-1.el8_9.x86_64.rpm SHA-256: fb23065b72ef21e8c3faccd30377c0a6300134caf1939239e1a7dd287c3224e7

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
aarch64
dotnet-apphost-pack-6.0-debuginfo-6.0.26-1.el8_9.aarch64.rpm SHA-256: 354434ba9c40a55dbde90211885b6ce4314b01e074084a4f7a12e7d27a304fe8
dotnet-hostfxr-6.0-debuginfo-6.0.26-1.el8_9.aarch64.rpm SHA-256: e6706c74324499e78dfd80f2de98f76599655cff7b207a163bdebd0caa4dd816
dotnet-runtime-6.0-debuginfo-6.0.26-1.el8_9.aarch64.rpm SHA-256: f9b1fc46b38688e590e88d06ae544dd6dc50d642c8e6988ebc93fb3aa0a2b4f0
dotnet-sdk-6.0-debuginfo-6.0.126-1.el8_9.aarch64.rpm SHA-256: d10c986a658df1efecf617fc08cf23a4e9ff2de5a96ab149836b794a1107f283
dotnet-sdk-6.0-source-built-artifacts-6.0.126-1.el8_9.aarch64.rpm SHA-256: 8c659cc18588aef7f3fb7886aaf07d80cce3b78a0071b93babb70692524d3577
dotnet6.0-debuginfo-6.0.126-1.el8_9.aarch64.rpm SHA-256: 0e45a5c696a796e4d5af1cdfbbb7a6c8085f4d4b132419a773c17efd80cf4e51
dotnet6.0-debugsource-6.0.126-1.el8_9.aarch64.rpm SHA-256: 1d6cc57983870adf58c31ad02a799b0ce85b7ef25df0f62fde50282f7ae42718

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
s390x
dotnet-apphost-pack-6.0-debuginfo-6.0.26-1.el8_9.s390x.rpm SHA-256: 6edf52589a6d1a9442ee88960339ea001b529d25435c5dd0769b32b01aa68237
dotnet-hostfxr-6.0-debuginfo-6.0.26-1.el8_9.s390x.rpm SHA-256: 59b1f26ccf3d16c6e5b14b2a13fd833b91f2bfd8030a3e591599b5c14de166e3
dotnet-runtime-6.0-debuginfo-6.0.26-1.el8_9.s390x.rpm SHA-256: 00cf7d0ca49cb1776cd58db0ecfe2c60bd12c1a79305aaf5a774042c44e08b0b
dotnet-sdk-6.0-debuginfo-6.0.126-1.el8_9.s390x.rpm SHA-256: dc25b90e0b704cd87b4df313a7012dc2a4d820b0e8692b39398d381490b89114
dotnet-sdk-6.0-source-built-artifacts-6.0.126-1.el8_9.s390x.rpm SHA-256: 2a0a8da3db57e7283d0c21eba30a8e904dc109b09a541df8bf58ccd8d977c3c9
dotnet6.0-debuginfo-6.0.126-1.el8_9.s390x.rpm SHA-256: 08b269bc04f33f6243f55027189cd1b23afa97c6ae9fc518999ffd28eade0097
dotnet6.0-debugsource-6.0.126-1.el8_9.s390x.rpm SHA-256: b553d59efa699175fc2c733ca83e0b8cbbc2152306e00b9501b69c9fca15fbda

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat X (formerly Twitter)

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility