It was found that string comparisons in .NET Core did not use a secure hashing algorithm. This could allow an attacker to predict string hashes and cause a denial of service by intentionally creating collisions thus forcing long look up times.
Case insensitive string comparison uses an insecure hashing algorithm which can be compromised in .NET Core 1.x (Unix) and .NET Core 2.0. The attack vector could be a Dictionary which uses case invariant keys.
Name: Ben Adams (Illyriad Games)
This issue has been addressed in the following products:
.NET Core on Red Hat Enterprise Linux
Via RHSA-2018:0522 https://access.redhat.com/errata/RHSA-2018:0522