CVE-2025-26646
Description
Important: .NET 9.0 security update
Description
dotnet: .NET and Visual Studio Spoofing Vulnerability
Red Hat statement
This vulnerability in .NET is Important because it allows spoofing of trusted identities or content through crafted input, exploiting weaknesses in validation logic. While it requires user interaction and limited privileges, it can subvert authentication flows or integrity checks, leading to unauthorized actions. In security-sensitive contexts—like signed assembly loading, secure package feeds, or automated build systems—such spoofing can compromise trust boundaries and facilitate privilege escalation or supply chain attacks, making it more severe than a typical moderate flaw.

.NET 6.0 for RHEL-8, RHEL-9 and RHIVOS has reached its End of Life as of November 12, 2024, and is no longer supported. No fixes will be provided for this stream. For additional information about lifecycle for .NET on Red Hat Enterprise Linux, please refer to: https://access.redhat.com/support/policy/updates/net-core.
CVSS v3: 8.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 10 | dotnet8.0-0:8.0.116-1.el10_0 | RHSA-2025:7599 | 2025-05-14T00:00:00Z |
| Red Hat Enterprise Linux 10 | dotnet9.0-0:9.0.106-1.el10_0 | RHSA-2025:7601 | 2025-05-14T00:00:00Z |
| Red Hat Enterprise Linux 8 | dotnet9.0-0:9.0.106-1.el8_10 | RHSA-2025:7571 | 2025-05-14T00:00:00Z |
| Red Hat Enterprise Linux 8 | dotnet8.0-0:8.0.116-1.el8_10 | RHSA-2025:7589 | 2025-05-14T00:00:00Z |
| Red Hat Enterprise Linux 9 | dotnet8.0-0:8.0.116-1.el9_6 | RHSA-2025:7598 | 2025-05-14T00:00:00Z |
| Red Hat Enterprise Linux 9 | dotnet9.0-0:9.0.106-1.el9_6 | RHSA-2025:7600 | 2025-05-14T00:00:00Z |
| Red Hat Enterprise Linux 9.4 Extended Update Support | dotnet8.0-0:8.0.116-1.el9_4 | RHSA-2025:7603 | 2025-05-14T00:00:00Z |
| Red Hat Hardened Images | dotnet8-0-main-8.0.126-1.hum1 | RHSA-2026:9080 | 2026-04-20T00:00:00Z |
| Red Hat Hardened Images | dotnet9-0-main-9.0.116-1.hum1 | RHSA-2026:9205 | 2026-04-21T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 9 | dotnet6.0 | Out of support scope |
| Red Hat Enterprise Linux 9 | dotnet7.0 | Out of support scope |
| Red Hat Hardened Images | dotnet10.0 | Not affected |
Apply commands
```shell
yum update -y dotnet8
# or:
dnf upgrade -y dotnet8
```
Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Hardened Images | Not affected |
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| rhel | 9 | fixed | |
| rocky | 8 | fixed | |
| rocky | 9 | fixed | |
| almalinux | 9 | fixed | aspnetcore-targeting-pack-9.0-9.0.5-1.el9_6.ppc64le.rpm |
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| NuGet | Microsoft.Build.Tasks.Core | >=15.8.166,<15.9.30 | 15.9.30 |
| NuGet | Microsoft.Build.Tasks.Core | >=16.0.461,<16.11.6 | 16.11.6 |
| NuGet | Microsoft.Build.Tasks.Core | >=17.0.0,<17.8.29 | 17.8.29 |
| NuGet | Microsoft.Build.Tasks.Core | >=17.9.5,<17.10.29 | 17.10.29 |
| NuGet | Microsoft.Build.Tasks.Core | >=17.11.4,<17.12.36 | 17.12.36 |
| NuGet | Microsoft.Build.Tasks.Core | >=17.12.6,<17.13.26 | 17.13.26 |
| NuGet | Microsoft.Build.Tasks.Core | >=17.13.9,<17.14.8 | 17.14.8 |
References
- https://access.redhat.com/errata/RHSA-2025:7598
- https://access.redhat.com/errata/RHSA-2025:7600
- https://errata.rockylinux.org/RLSA-2025:7571
- https://errata.rockylinux.org/RLSA-2025:7598
- https://errata.rockylinux.org/RLSA-2025:7600
- https://github.com/dotnet/msbuild/security/advisories/GHSA-h4j7-5rxr-p4wc
- https://nvd.nist.gov/vuln/detail/CVE-2025-26646
- https://github.com/dotnet/announcements/issues/356
- https://github.com/dotnet/msbuild/issues/11846
- https://github.com/dotnet/msbuild
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26646
- https://access.redhat.com/errata/RHSA-2025:7589
- https://bugzilla.redhat.com/2365317
- https://errata.almalinux.org/8/ALSA-2025-7589.html
- https://access.redhat.com/errata/RHSA-2025:7571
- https://errata.almalinux.org/8/ALSA-2025-7571.html
- https://errata.almalinux.org/9/ALSA-2025-7600.html
- https://errata.almalinux.org/9/ALSA-2025-7598.html
- https://errata.rockylinux.org/RLSA-2025:7589