.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
Description
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A denial-of-service vulnerability in .NET and .NET Framework when importing specially crafted X.509 certificates, potentially leading to application crashes.
Vulnerability Description
CVE-2023-29331 is a denial-of-service (DoS) vulnerability in .NET, .NET Framework, and Visual Studio caused by improper handling of X.509 certificate imports. When .NET processes a malicious binary certificate blob, the runtime may enter an infinite loop or consume excessive resources, resulting in an unresponsive application [1][4]. The root cause lies in how the runtime validates and imports certificate blobs; prior to the June 2023 security update, .NET delegated most validation to the operating system, but the updated code can fail under specific conditions [1].
Attack Vector
An attacker can exploit this vulnerability by providing a specially crafted X.509 certificate to an affected .NET application through any input channel that accepts certificate data (e.g., file upload, network stream, or configuration). No authentication is required, and the attack does not need special privileges beyond the ability to submit data to a vulnerable endpoint. Applications using affected APIs such as new X509Certificate(byte[]) or X509Certificate2.Import(byte[]) are directly exposed [2][3]. Microsoft notes no mitigating factors exist for this vulnerability [2][3].
Impact
Successful exploitation causes the target application to become unresponsive or crash, leading to a denial of service. The vulnerability does not allow code execution or privilege escalation; its sole impact is on application availability. All supported versions of .NET 6.0 (prior to 6.0.16) and .NET 7.0 (prior to 7.0.5), as well as affected .NET Framework versions (2.0, 4.6.2–4.8, 4.8.1), are vulnerable [1][4].
Mitigation
Microsoft released security updates on June 13, 2023, that fix the certificate import logic. Users should update .NET 6.0 to 6.0.16 or later, .NET 7.0 to 7.0.5 or later, and apply the relevant .NET Framework patches (KB5025823) [1][2]. Workarounds include temporarily disabling certificate import APIs or using alternative validation routines, but updating is the only complete fix [1].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| Microsoft.Windows.Compatibility (NuGet) | >= 7.0.0, < 7.0.3 | 7.0.3 |
| Microsoft.Windows.Compatibility (NuGet) | >= 6.0.0, < 6.0.6 | 6.0.6 |
| System.Security.Cryptography.Pkcs (NuGet) | >= 7.0.0, < 7.0.2 | 7.0.2 |
| System.Security.Cryptography.Pkcs (NuGet) | >= 6.0.0, < 6.0.3 | 6.0.3 |
| Microsoft.NETCore.App.Runtime.linux-arm (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.linux-arm (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.linux-arm64 (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.linux-arm64 (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.linux-musl-arm (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.linux-musl-arm (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.linux-musl-arm64 (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.linux-musl-arm64 (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.linux-musl-x64 (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.linux-musl-x64 (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.linux-x64 (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.linux-x64 (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.osx-arm64 (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.osx-arm64 (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.osx-x64 (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.osx-x64 (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.win-arm (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.win-arm (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.win-arm64 (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.win-arm64 (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.win-x64 (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
| Microsoft.NETCore.App.Runtime.win-x64 (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.win-x86 (NuGet) | >= 7.0.0, < 7.0.7 | 7.0.7 |
| Microsoft.NETCore.App.Runtime.win-x86 (NuGet) | >= 6.0.0, < 6.0.18 | 6.0.18 |
Affected products
57 affected products. OSV coordinates (37 versions, no CPE):
- pkg:bitnami/dotnet, range: >= 6.0.0, < 6.0.1
- pkg:bitnami/dotnet-sdk, range: >= 6.0.0, < 6.0.1
- pkg:nuget/microsoft.netcore.app.runtime.linux-arm, range: >= 7.0.0, < 7.0.7
- pkg:nuget/microsoft.netcore.app.runtime.linux-arm64, range: >= 6.0.0, < 6.0.18
- pkg:nuget/microsoft.netcore.app.runtime.linux-musl-arm, range: >= 7.0.0, < 7.0.7
- pkg:nuget/microsoft.netcore.app.runtime.linux-musl-arm64, range: >= 7.0.0, < 7.0.7
- pkg:nuget/microsoft.netcore.app.runtime.linux-musl-x64, range: >= 6.0.0, < 6.0.18
- pkg:nuget/microsoft.netcore.app.runtime.linux-x64, range: >= 6.0.0, < 6.0.18
- pkg:nuget/microsoft.netcore.app.runtime.osx-arm64, range: >= 6.0.0, < 6.0.18
- pkg:nuget/microsoft.netcore.app.runtime.osx-x64, range: >= 6.0.0, < 6.0.18
- pkg:nuget/microsoft.netcore.app.runtime.win-arm, range: >= 6.0.0, < 6.0.18
- pkg:nuget/microsoft.netcore.app.runtime.win-arm64, range: >= 6.0.0, < 6.0.18
- pkg:nuget/microsoft.netcore.app.runtime.win-x64, range: >= 6.0.0, < 6.0.18
- pkg:nuget/microsoft.netcore.app.runtime.win-x86, range: >= 7.0.0, < 7.0.7
- pkg:nuget/microsoft.windows.compatibility, range: >= 7.0.0, < 7.0.3
- pkg:nuget/system.security.cryptography.pkcs, range: >= 7.0.0, < 7.0.2
- pkg:rpm/almalinux/aspnetcore-runtime-6.0, range: < 6.0.18-1.el9_2
- pkg:rpm/almalinux/aspnetcore-runtime-7.0, range: < 7.0.7-1.el9_2
- pkg:rpm/almalinux/aspnetcore-targeting-pack-6.0, range: < 6.0.18-1.el9_2
- pkg:rpm/almalinux/aspnetcore-targeting-pack-7.0, range: < 7.0.7-1.el9_2
- pkg:rpm/almalinux/dotnet, range: < 7.0.107-1.el8_8
- pkg:rpm/almalinux/dotnet-apphost-pack-6.0, range: < 6.0.18-1.el9_2
- pkg:rpm/almalinux/dotnet-apphost-pack-7.0, range: < 7.0.7-1.el9_2
- pkg:rpm/almalinux/dotnet-host, range: < 7.0.7-1.el9_2
- pkg:rpm/almalinux/dotnet-hostfxr-6.0, range: < 6.0.18-1.el9_2
- pkg:rpm/almalinux/dotnet-hostfxr-7.0, range: < 7.0.7-1.el9_2
- pkg:rpm/almalinux/dotnet-runtime-6.0, range: < 6.0.18-1.el9_2
- pkg:rpm/almalinux/dotnet-runtime-7.0, range: < 7.0.7-1.el9_2
- pkg:rpm/almalinux/dotnet-sdk-6.0, range: < 6.0.118-1.el9_2
- pkg:rpm/almalinux/dotnet-sdk-6.0-source-built-artifacts, range: < 6.0.118-1.el9_2
- pkg:rpm/almalinux/dotnet-sdk-7.0, range: < 7.0.107-1.el9_2
- pkg:rpm/almalinux/dotnet-sdk-7.0-source-built-artifacts, range: < 7.0.107-1.el9_2
- pkg:rpm/almalinux/dotnet-targeting-pack-6.0, range: < 6.0.18-1.el9_2
- pkg:rpm/almalinux/dotnet-targeting-pack-7.0, range: < 7.0.7-1.el9_2
- pkg:rpm/almalinux/dotnet-templates-6.0, range: < 6.0.118-1.el9_2
- pkg:rpm/almalinux/dotnet-templates-7.0, range: < 7.0.107-1.el9_2
- pkg:rpm/almalinux/netstandard-targeting-pack-2.1, range: < 7.0.107-1.el9_2
- Microsoft/Microsoft .NET Framework 2.0 Service Pack 2 (v5), range: 2.0.0
- Microsoft/Microsoft .NET Framework 3.0 Service Pack 2 (v5), range: 3.0.0
- Microsoft/Microsoft .NET Framework 3.5 (v5), range: 3.5.0
- Microsoft/Microsoft .NET Framework 3.5.1 (v5), range: 3.5.0
- Microsoft/Microsoft .NET Framework 3.5 and 4.6.2 (v5), range: 4.7.0
- Microsoft/Microsoft .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 (v5), range: 3.0.0.0
- Microsoft/Microsoft .NET Framework 3.5 AND 4.7.2 (v5), range: 4.7.0
- Microsoft/Microsoft .NET Framework 3.5 AND 4.8 (v5), range: 4.8.0
- Microsoft/Microsoft .NET Framework 3.5 AND 4.8.1 (v5), range: 4.8.1
- Microsoft/Microsoft .NET Framework 4.6.2 (v5), range: 4.7.0
- Microsoft/Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2 (v5), range: 4.7.0
- Microsoft/Microsoft .NET Framework 4.8 (v5), range: 4.8.0
- Microsoft/Microsoft Visual Studio 2022 version 17.0 (v5), range: 17.0.0
- Microsoft/Microsoft Visual Studio 2022 version 17.2 (v5), range: 17.2.0
- Microsoft/Microsoft Visual Studio 2022 version 17.4 (v5), range: 17.4.0
- Microsoft/Microsoft Visual Studio 2022 version 17.6 (v5), range: 17.6.0
- Microsoft/.NET 6.0 (v5), range: 6.0.0
- Microsoft/.NET 7.0 (v5), range: 7.0.0
- Microsoft/PowerShell 7.2 (v5), range: 7.2.0
- Microsoft/PowerShell 7.3 (v5), range: 7.3.0
References
- github.com/advisories/GHSA-555c-2p6r-68mm (ghsa, ADVISORY)
- msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331 (ghsa, vendor-advisory, WEB)
- nvd.nist.gov/vuln/detail/CVE-2023-29331 (ghsa, ADVISORY)
- github.com/dotnet/announcements/issues/257 (ghsa, WEB)
- github.com/dotnet/runtime/security/advisories/GHSA-555c-2p6r-68mm (ghsa, WEB)
- support.microsoft.com/kb/5025823 (ghsa, WEB)