USN-6278-2: .NET vulnerabilities

Read Time:36 Second

USN-6278-1 fixed several vulnerabilities in .NET. This update
provides the corresponding updates for Ubuntu 22.04 LTS.

Original advisory details:

It was discovered that .NET did properly handle the execution of
certain commands. An attacker could possibly use this issue to
achieve remote code execution. (CVE-2023-35390)

Benoit Foucher discovered that .NET did not properly implement the
QUIC stream limit in HTTP/3. An attacker could possibly use this
issue to cause a denial of service. (CVE-2023-38178)

It was discovered that .NET did not properly handle the disconnection
of potentially malicious clients interfacing with a Kestrel server. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2023-38180)

Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign

Smishing Triad Fuels Surge in Toll Payment Scams in US, UK

Darknet’s Xanthorox AI Offers Customizable Tools for Hackers

King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors

DIRNSA Fired

Vodafone Urges UK Cybersecurity Policy Reforms as SME Cyber-Attack Costs Reach £3.4bn

Government Backs Britain’s First Cyber Seed Fund, Worth £50m

Aussie Pension Savers Hit with Wave of Credential Stuffing Attacks

Friday Squid Blogging: Two-Man Giant Squid

USN-7423-1: GNU binutils vulnerabilities

USN-7406-6: Linux kernel (NVIDIA Tegra IGX) vulnerabilities

USN-7402-4: Linux kernel vulnerabilities

lemonldap-ng-2.21.0-1.fc42

lemonldap-ng-2.21.0-1.el9

lemonldap-ng-2.21.0-1.fc40