Bug 2403086 (CVE-2025-55247)

Summary: CVE-2025-55247 dotnet: .NET Denial of Service Vulnerability
Product: [Other] Security Response
Reporter: OSIDB Bzimport <bzimport>
Component: vulnerability
Assignee: Product Security DevOps Team <prodsec-dev>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
CC: sdawley, security-response-team
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Doc Text:
A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operations.
Bug Depends On: 2404156, 2404157, 2404158, 2404159    

Description OSIDB Bzimport 2025-10-10 13:35:21 UTC
A vulnerability exists in .NET Core where predictable paths for
MSBuild's temporary directories on Linux let another user create the
directories ahead of MSBuild, leading to DoS of builds.

Affected versions:
.NET 8.0 (that's the RHEL dotnet8.0 package)
.NET 9.0 (that's the RHEL dotnet9.0 package)
.NET 10.0 (that's the RHEL dotnet10.0 package)
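
The pre-creation problem described above, seen from the defender's side. This is an added example, not part of the bug report and not code from MSBuild or from the fix. It audits a candidate temporary directory with `lstat` and creates a randomized, owner-only one with `mkdtemp`. The function names, the `msbuild-demo-` prefix and the `build-tmp-1000` directory name are assumptions made for illustration.

```python
import os
import stat
import tempfile


def audit_temp_dir(path):
    """Return the reasons `path` is unsafe as a private temp dir ([] if safe)."""
    try:
        st = os.lstat(path)              # lstat: never follow a planted symlink
    except FileNotFoundError:
        return ["missing"]
    if stat.S_ISLNK(st.st_mode):
        return ["symlink"]
    problems = []
    if not stat.S_ISDIR(st.st_mode):
        problems.append("not a directory")
    if st.st_uid != os.geteuid():
        problems.append("owned by another user")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("accessible to group/other")
    return problems


def private_temp_dir(base, prefix="msbuild-demo-"):
    """Create a randomized directory under `base` (hypothetical helper)."""
    # mkdtemp chooses an unpredictable suffix and creates the directory with
    # mode 0700 in one step, so another local user cannot pre-create the name.
    return tempfile.mkdtemp(prefix=prefix, dir=base)


def demo():
    """Constructed scenario: a predictable name already exists before the build."""
    with tempfile.TemporaryDirectory() as base:
        predictable = os.path.join(base, "build-tmp-1000")  # constructed name
        os.mkdir(predictable)
        os.chmod(predictable, 0o777)     # stands in for a squatted directory
        link = os.path.join(base, "build-tmp-link")
        os.symlink(predictable, link)    # planted symlink variant
        safe = private_temp_dir(base)
        return (audit_temp_dir(predictable), audit_temp_dir(link),
                audit_temp_dir(safe))


if __name__ == "__main__":
    print(demo())
```

A build wrapper that finds a non-empty result from `audit_temp_dir` should fail closed or switch to a fresh `mkdtemp` directory rather than reuse the existing path.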

Comment 1 errata-xmlrpc 2025-10-15 15:48:52 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:18148 https://access.redhat.com/errata/RHSA-2025:18148

Comment 2 errata-xmlrpc 2025-10-15 16:06:26 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:18149 https://access.redhat.com/errata/RHSA-2025:18149

Comment 3 errata-xmlrpc 2025-10-15 16:13:41 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:18152 https://access.redhat.com/errata/RHSA-2025:18152

Comment 4 errata-xmlrpc 2025-10-15 16:28:49 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:18150 https://access.redhat.com/errata/RHSA-2025:18150

Comment 5 errata-xmlrpc 2025-10-15 16:30:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:18153 https://access.redhat.com/errata/RHSA-2025:18153

Comment 6 errata-xmlrpc 2025-10-15 16:49:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:18151 https://access.redhat.com/errata/RHSA-2025:18151