vulnerability
Oracle Linux: CVE-2025-55247: ELSA-2025-18148: .NET 8.0 security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:S/C:C/I:C/A:C) | Oct 15, 2025 | Oct 17, 2025 | Oct 17, 2025 |
Severity
7
CVSS
(AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published
Oct 15, 2025
Added
Oct 17, 2025
Modified
Oct 17, 2025
Description
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.
A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operations.
A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operations.
Solutions
oracle-linux-upgrade-aspnetcore-runtime-8-0oracle-linux-upgrade-aspnetcore-runtime-9-0oracle-linux-upgrade-aspnetcore-runtime-dbg-8-0oracle-linux-upgrade-aspnetcore-runtime-dbg-9-0oracle-linux-upgrade-aspnetcore-targeting-pack-8-0oracle-linux-upgrade-aspnetcore-targeting-pack-9-0oracle-linux-upgrade-dotnetoracle-linux-upgrade-dotnet-apphost-pack-8-0oracle-linux-upgrade-dotnet-apphost-pack-9-0oracle-linux-upgrade-dotnet-hostoracle-linux-upgrade-dotnet-hostfxr-8-0oracle-linux-upgrade-dotnet-hostfxr-9-0oracle-linux-upgrade-dotnet-runtime-8-0oracle-linux-upgrade-dotnet-runtime-9-0oracle-linux-upgrade-dotnet-runtime-dbg-8-0oracle-linux-upgrade-dotnet-runtime-dbg-9-0oracle-linux-upgrade-dotnet-sdk-8-0oracle-linux-upgrade-dotnet-sdk-8-0-source-built-artifactsoracle-linux-upgrade-dotnet-sdk-9-0oracle-linux-upgrade-dotnet-sdk-9-0-source-built-artifactsoracle-linux-upgrade-dotnet-sdk-aot-9-0oracle-linux-upgrade-dotnet-sdk-dbg-8-0oracle-linux-upgrade-dotnet-sdk-dbg-9-0oracle-linux-upgrade-dotnet-targeting-pack-8-0oracle-linux-upgrade-dotnet-targeting-pack-9-0oracle-linux-upgrade-dotnet-templates-8-0oracle-linux-upgrade-dotnet-templates-9-0oracle-linux-upgrade-netstandard-targeting-pack-2-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.