.NET Security Patches Address File Tampering and DoS Vulnerabilities
Ubuntu has released critical security updates for .NET addressing two significant vulnerabilities: improper link resolution enabling unauthorized file writes and a denial-of-service flaw in MessagePack array handling. Development teams should prioritize patching to prevent local exploitation and resource exhaustion attacks.
TL;DR
- CVE-2026-45491: .NET link resolution flaw allows local attackers to write arbitrary files outside extraction directories
- CVE-2026-45591: Deeply-nested MessagePack arrays can trigger excessive resource consumption and denial of service
- Both vulnerabilities affect .NET runtime and require immediate patching via Ubuntu security updates
- Local attackers can exploit file tampering to compromise application integrity and data
Canonical has released security notice USN-8420-1 addressing two distinct vulnerabilities in the .NET runtime that pose risks to applications and systems running on Ubuntu. The first vulnerability stems from improper handling of symbolic link resolution before file access operations, creating a window for local attackers to perform unauthorized file writes. The second involves insufficient validation of MessagePack array nesting depth, enabling denial-of-service conditions through resource exhaustion.
These vulnerabilities require immediate attention from development and operations teams deploying .NET applications. The file tampering issue is particularly concerning in multi-tenant or shared hosting environments where local privilege escalation could lead to broader system compromise. Organizations should apply the patches promptly and verify their .NET installations are updated to the latest patched versions.
File Tampering via Link Resolution Bypass (CVE-2026-45491)
- Improper link resolution allows attackers to write files outside intended extraction directories
- Local attacker can perform unauthorized file tampering on the target system
- Affects .NET file handling during archive extraction and similar operations
- Risk is elevated in shared hosting or multi-tenant deployment scenarios
Denial of Service via MessagePack Array Handling (CVE-2026-45591)
- Deeply-nested MessagePack arrays cause excessive resource consumption in .NET runtime
- Attacker can trigger denial of service by crafting malicious serialized data
- Impacts applications that deserialize untrusted MessagePack payloads
- Can lead to application crashes or service unavailability
Remediation and Best Practices
- Apply USN-8420-1 security updates immediately across all .NET deployments
- Validate link resolution behavior in custom file extraction code
- Implement input validation and size limits for MessagePack deserialization
- Monitor for exploitation attempts targeting file system operations
Sources
Sources
Security email updates
One digest email when we publish new security articles (TL;DR plus links to read more). Unsubscribe anytime from the message footer. See our Privacy Policy.