vulnerability

Red Hat: CVE-2022-29117: CVE-2022-29117 dotnet: malicious content causes high CPU and memory usage (Multiple Advisories)

Name: Red Hat: CVE-2022-29117: CVE-2022-29117 dotnet: malicious content causes high CPU and memory usage (Multiple Advisories)
Creator: Red Hat
Published: 2022-05-10T00:00:00.000Z

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

May 10, 2022

Added

May 13, 2022

Modified

Jun 12, 2026

Description

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that many chunks.

Solutions

redhat-upgrade-aspnetcore-runtime-3-1redhat-upgrade-aspnetcore-runtime-5-0redhat-upgrade-aspnetcore-runtime-6-0redhat-upgrade-aspnetcore-targeting-pack-3-1redhat-upgrade-aspnetcore-targeting-pack-5-0redhat-upgrade-aspnetcore-targeting-pack-6-0redhat-upgrade-dotnetredhat-upgrade-dotnet-apphost-pack-3-1redhat-upgrade-dotnet-apphost-pack-3-1-debuginforedhat-upgrade-dotnet-apphost-pack-5-0redhat-upgrade-dotnet-apphost-pack-5-0-debuginforedhat-upgrade-dotnet-apphost-pack-6-0redhat-upgrade-dotnet-apphost-pack-6-0-debuginforedhat-upgrade-dotnet-hostredhat-upgrade-dotnet-host-debuginforedhat-upgrade-dotnet-hostfxr-3-1redhat-upgrade-dotnet-hostfxr-3-1-debuginforedhat-upgrade-dotnet-hostfxr-5-0redhat-upgrade-dotnet-hostfxr-5-0-debuginforedhat-upgrade-dotnet-hostfxr-6-0redhat-upgrade-dotnet-hostfxr-6-0-debuginforedhat-upgrade-dotnet-runtime-3-1redhat-upgrade-dotnet-runtime-3-1-debuginforedhat-upgrade-dotnet-runtime-5-0redhat-upgrade-dotnet-runtime-5-0-debuginforedhat-upgrade-dotnet-runtime-6-0redhat-upgrade-dotnet-runtime-6-0-debuginforedhat-upgrade-dotnet-sdk-3-1redhat-upgrade-dotnet-sdk-3-1-debuginforedhat-upgrade-dotnet-sdk-3-1-source-built-artifactsredhat-upgrade-dotnet-sdk-5-0redhat-upgrade-dotnet-sdk-5-0-debuginforedhat-upgrade-dotnet-sdk-5-0-source-built-artifactsredhat-upgrade-dotnet-sdk-6-0redhat-upgrade-dotnet-sdk-6-0-debuginforedhat-upgrade-dotnet-sdk-6-0-source-built-artifactsredhat-upgrade-dotnet-targeting-pack-3-1redhat-upgrade-dotnet-targeting-pack-5-0redhat-upgrade-dotnet-targeting-pack-6-0redhat-upgrade-dotnet-templates-3-1redhat-upgrade-dotnet-templates-5-0redhat-upgrade-dotnet-templates-6-0redhat-upgrade-dotnet3-1-debuginforedhat-upgrade-dotnet3-1-debugsourceredhat-upgrade-dotnet5-0-debuginforedhat-upgrade-dotnet5-0-debugsourceredhat-upgrade-dotnet6-0-debuginforedhat-upgrade-dotnet6-0-debugsourceredhat-upgrade-netstandard-targeting-pack-2-1

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report