Bug 2255386 (CVE-2024-0057) - CVE-2024-0057 dotnet: X509 Certificates - Validation Bypass across Azure
Summary: CVE-2024-0057 dotnet: X509 Certificates - Validation Bypass across Azure
Keywords:
Status: NEW
Alias: CVE-2024-0057
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2257557 2257558 2257559 2255393
Blocks: 2255383
TreeView+ depends on / blocked
 
Reported: 2023-12-20 14:07 UTC by Patrick Del Bello
Modified: 2024-02-05 16:57 UTC (History)
8 users (show)

Fixed In Version: .NET SDK 6.0.126 and .NET Runtime 6.0.26 and .NET SDK 7.0.115 and .NET Runtime 7.0.15
Doc Type: If docs needed, set a value
Doc Text:
A security feature bypass vulnerability exists when Microsoft .NET Framework-based applications use X.509 chain building APIs but do not completely validate the X.509 certificate due to a logic flaw. An attacker could present an arbitrary untrusted certificate with malformed signatures, triggering a bug in the framework. The framework will correctly report that X.509 chain building failed, but it will return an incorrect reason code for the failure. Applications which utilize this reason code to make their own chain building trust decisions may inadvertently treat this scenario as a successful chain build. This could allow an adversary to subvert the app's typical authentication logic.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2024:0150 0 None None None 2024-01-10 15:37:58 UTC
Red Hat Product Errata RHSA-2024:0151 0 None None None 2024-01-10 15:37:22 UTC
Red Hat Product Errata RHSA-2024:0152 0 None None None 2024-01-10 15:37:39 UTC
Red Hat Product Errata RHSA-2024:0156 0 None None None 2024-01-10 18:15:16 UTC
Red Hat Product Errata RHSA-2024:0157 0 None None None 2024-01-10 18:32:04 UTC
Red Hat Product Errata RHSA-2024:0158 0 None None None 2024-01-10 18:31:45 UTC
Red Hat Product Errata RHSA-2024:0255 0 None None None 2024-01-15 15:58:04 UTC

Description Patrick Del Bello 2023-12-20 14:07:47 UTC 
A vulnerability was found in .NET Kestrel where a Denial of Service with Client Certificates is possible.
Comment 3 Sandipan Roy 2024-01-10 03:53:53 UTC 
Created dotnet6.0 tracking bugs for this issue:

Affects: fedora-all [bug 2257557]


Created dotnet7.0 tracking bugs for this issue:

Affects: fedora-all [bug 2257558]


Created dotnet8.0 tracking bugs for this issue:

Affects: fedora-all [bug 2257559]
Comment 4 errata-xmlrpc 2024-01-10 15:37:20 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:0151 https://access.redhat.com/errata/RHSA-2024:0151
Comment 5 errata-xmlrpc 2024-01-10 15:37:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:0152 https://access.redhat.com/errata/RHSA-2024:0152
Comment 6 errata-xmlrpc 2024-01-10 15:37:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:0150 https://access.redhat.com/errata/RHSA-2024:0150
Comment 7 errata-xmlrpc 2024-01-10 18:15:14 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:0156 https://access.redhat.com/errata/RHSA-2024:0156
Comment 8 errata-xmlrpc 2024-01-10 18:31:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:0158 https://access.redhat.com/errata/RHSA-2024:0158
Comment 9 errata-xmlrpc 2024-01-10 18:32:03 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:0157 https://access.redhat.com/errata/RHSA-2024:0157
Comment 10 errata-xmlrpc 2024-01-15 15:58:03 UTC 
This issue has been addressed in the following products:

  .NET Core on Red Hat Enterprise Linux

Via RHSA-2024:0255 https://access.redhat.com/errata/RHSA-2024:0255
Note You need to log in before you can comment on or make changes to this bug.