Описание
In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Java code run under a SecurityManager.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | java-1.7.1-ibm | Not affected | ||
| Red Hat Enterprise Linux 7 | java-1.7.1-ibm | Not affected | ||
| Red Hat Enterprise Linux 6 Supplementary | java-1.8.0-ibm | Fixed | RHSA-2019:2592 | 03.09.2019 |
| Red Hat Enterprise Linux 7 Supplementary | java-1.8.0-ibm | Fixed | RHSA-2019:2585 | 02.09.2019 |
| Red Hat Enterprise Linux 8 | java-1.8.0-ibm | Fixed | RHSA-2019:2590 | 02.09.2019 |
| Red Hat Satellite 5.8 | java-1.8.0-ibm | Fixed | RHSA-2019:2737 | 11.09.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Java code run under a SecurityManager.
In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], int) method does not verify that the provided byte array is non-null nor that the provided index is in bounds when compiled by the JIT. This allows arbitrary writes to any 32-bit address or beyond the end of a byte array within Java code run under a SecurityManager.
Уязвимость метода String.getBytes(int, int, byte[], int) виртуальной машины Eclipse OpenJ9, позволяющая нарушителю выполнить произвольный код
EPSS
9.8 Critical
CVSS3