vulnerability
Amazon Linux 2023: CVE-2025-55247: Critical priority package update for dotnet8.0 (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:S/C:C/I:C/A:C) | Oct 15, 2025 | Oct 24, 2025 | Oct 24, 2025 |
Severity
7
CVSS
(AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published
Oct 15, 2025
Added
Oct 24, 2025
Modified
Oct 24, 2025
Description
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.
A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operations.
A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operations.
Solutions
amazon-linux-2023-upgrade-aspnetcore-runtime-8-0amazon-linux-2023-upgrade-aspnetcore-runtime-9-0amazon-linux-2023-upgrade-aspnetcore-runtime-dbg-8-0amazon-linux-2023-upgrade-aspnetcore-runtime-dbg-9-0amazon-linux-2023-upgrade-aspnetcore-targeting-pack-8-0amazon-linux-2023-upgrade-aspnetcore-targeting-pack-9-0amazon-linux-2023-upgrade-dotnetamazon-linux-2023-upgrade-dotnet8-0-debuginfoamazon-linux-2023-upgrade-dotnet8-0-debugsourceamazon-linux-2023-upgrade-dotnet9-0-debugsourceamazon-linux-2023-upgrade-dotnet-apphost-pack-8-0amazon-linux-2023-upgrade-dotnet-apphost-pack-8-0-debuginfoamazon-linux-2023-upgrade-dotnet-apphost-pack-9-0amazon-linux-2023-upgrade-dotnet-apphost-pack-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-hostamazon-linux-2023-upgrade-dotnet-host-debuginfoamazon-linux-2023-upgrade-dotnet-hostfxr-8-0amazon-linux-2023-upgrade-dotnet-hostfxr-8-0-debuginfoamazon-linux-2023-upgrade-dotnet-hostfxr-9-0amazon-linux-2023-upgrade-dotnet-hostfxr-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-runtime-8-0amazon-linux-2023-upgrade-dotnet-runtime-8-0-debuginfoamazon-linux-2023-upgrade-dotnet-runtime-9-0amazon-linux-2023-upgrade-dotnet-runtime-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-runtime-dbg-8-0amazon-linux-2023-upgrade-dotnet-runtime-dbg-9-0amazon-linux-2023-upgrade-dotnet-sdk-8-0amazon-linux-2023-upgrade-dotnet-sdk-8-0-debuginfoamazon-linux-2023-upgrade-dotnet-sdk-8-0-source-built-artifactsamazon-linux-2023-upgrade-dotnet-sdk-9-0amazon-linux-2023-upgrade-dotnet-sdk-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-sdk-9-0-source-built-artifactsamazon-linux-2023-upgrade-dotnet-sdk-aot-9-0amazon-linux-2023-upgrade-dotnet-sdk-aot-9-0-debuginfoamazon-linux-2023-upgrade-dotnet-sdk-dbg-8-0amazon-linux-2023-upgrade-dotnet-sdk-dbg-9-0amazon-linux-2023-upgrade-dotnet-targeting-pack-8-0amazon-linux-2023-upgrade-dotnet-targeting-pack-9-0amazon-linux-2023-upgrade-dotnet-templates-8-0amazon-linux-2023-upgrade-dotnet-templates-9-0amazon-linux-2023-upgrade-netstandard-targeting-pack-2-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.