Back to bug 2228621

Who When What Removed Added
Patrick Del Bello 2023-08-02 20:54:15 UTC CC security-response-team
Patrick Del Bello 2023-08-02 21:24:09 UTC CC andrew.slice, bodavis, dbhole, kanderso, lvaleeva, rwagner
Sandipan Roy 2023-08-03 14:02:54 UTC Depends On 2228883, 2228887, 2228885, 2228884, 2228886
Sandipan Roy 2023-08-03 14:35:10 UTC Depends On 2228898, 2228894, 2228897, 2228896, 2228895
Sandipan Roy 2023-08-08 17:18:51 UTC Summary EMBARGOED CVE-2023-38180 dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack CVE-2023-38180 dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack
Group security, qe_staff
Sandipan Roy 2023-08-08 17:19:14 UTC Depends On 2230090, 2230091
Sandipan Roy 2023-08-08 17:22:41 UTC Doc Text A vulnerability was found in dotnet. This vulnerability exists in Kestrel where, on detecting a potentially malicious client, Kestrel will sometimes fail to disconnect it, resulting in denial of service.
Paige Jung 2023-08-08 18:37:30 UTC Doc Text A vulnerability was found in dotnet. This vulnerability exists in Kestrel where, on detecting a potentially malicious client, Kestrel will sometimes fail to disconnect it, resulting in denial of service. A vulnerability was found in Kestrel, in dotnet. Kestrel can fail to disconnect when detecting a potentially malicious client, resulting in a denial of service.
Nick Tait 2023-08-09 19:51:47 UTC Doc Text A vulnerability was found in Kestrel, in dotnet. Kestrel can fail to disconnect when detecting a potentially malicious client, resulting in a denial of service. An uncontrolled resource consumption vulnerability was found in the Kestrel component of dotnet. Kestrel can fail to disconnect when detecting a potentially malicious client, resulting in a denial of service.
Yogesh Mittal 2023-08-10 07:15:51 UTC CC ymittal
TEJ RATHI 2023-08-10 14:31:53 UTC Severity medium urgent
Priority medium urgent
TEJ RATHI 2023-08-10 14:33:32 UTC Depends On 2231093, 2231094
TEJ RATHI 2023-08-10 14:54:41 UTC Fixed In Version .NET SDK 6.0.121, .NET SDK 7.0.110, .NET Runtime 6.0.21, .NET Runtime 7.0.10
TEJ RATHI 2023-08-10 15:48:06 UTC Doc Text An uncontrolled resource consumption vulnerability was found in the Kestrel component of dotnet. Kestrel can fail to disconnect when detecting a potentially malicious client, resulting in a denial of service. An uncontrolled resource consumption vulnerability was found in the Kestrel component of the dotNET. When detecting a potentially malicious client, Kestrel will sometimes fail to disconnect it, resulting in denial of service.
TEJ RATHI 2023-08-10 16:29:27 UTC Summary CVE-2023-38180 dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack CVE-2023-38180 dotnet: Kestrel vulnerability to slow read attacks leading to Denial of Service attack
Pedro Sampaio 2023-08-10 19:52:09 UTC Priority urgent high
Severity urgent high
errata-xmlrpc 2023-08-14 14:32:26 UTC Link ID Red Hat Product Errata RHSA-2023:4639
errata-xmlrpc 2023-08-14 14:40:18 UTC Link ID Red Hat Product Errata RHSA-2023:4640
errata-xmlrpc 2023-08-14 14:44:23 UTC Link ID Red Hat Product Errata RHSA-2023:4641
errata-xmlrpc 2023-08-14 14:46:18 UTC Link ID Red Hat Product Errata RHSA-2023:4644
errata-xmlrpc 2023-08-14 14:46:23 UTC Link ID Red Hat Product Errata RHSA-2023:4642
errata-xmlrpc 2023-08-14 14:55:48 UTC Link ID Red Hat Product Errata RHSA-2023:4645
errata-xmlrpc 2023-08-14 14:55:51 UTC Link ID Red Hat Product Errata RHSA-2023:4643
Product Security DevOps Team 2023-08-14 19:19:39 UTC Status NEW CLOSED
Resolution --- ERRATA
Last Closed 2023-08-14 19:19:39 UTC
errata-xmlrpc 2023-08-15 01:04:19 UTC Link ID Red Hat Product Errata RHBA-2023:4652
errata-xmlrpc 2023-08-15 01:15:49 UTC Link ID Red Hat Product Errata RHBA-2023:4653

Back to bug 2228621