Описание
A vulnerability was found in OpenJDK. This issue occurs in the ciMethodBlocks::make_block_at function in OpenJDK (HotSpot VM) 8 (11 and 17 are fixed starting from 11.0.17 and 17.0.5 respectively), and may allow an attacker to cause a denial of service.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat build of OpenJDK 11 | Linux | Not affected | ||
| Red Hat build of OpenJDK 11 | Windows | Not affected | ||
| Red Hat build of OpenJDK 17 | Linux | Not affected | ||
| Red Hat build of OpenJDK 17 | Windows | Not affected | ||
| Red Hat build of OpenJDK 1.8 | Windows | Not affected | ||
| Red Hat Enterprise Linux 6 | java-1.6.0-openjdk | Not affected | ||
| Red Hat Enterprise Linux 6 | java-1.7.0-openjdk | Not affected | ||
| Red Hat Enterprise Linux 6 | java-1.8.0-openjdk | Not affected | ||
| Red Hat Enterprise Linux 7 | java-11-openjdk | Not affected | ||
| Red Hat Enterprise Linux 7 | java-1.6.0-openjdk | Not affected |
Показывать по
Дополнительная информация
Статус:
4.9 Medium
CVSS3
Связанные уязвимости
Rejected reason: ** REJECT ** This CVE ID has been rejected by its CNA as it was not a security issue.
An issue was discovered in function ciMethodBlocks::make_block_at in Oracle JDK (HotSpot VM) 11, 17 and OpenJDK (HotSpot VM) 8, 11, 17, allows attackers to cause a denial of service.
ELSA-2023-5733: java-1.8.0-openjdk security update (MODERATE)
ELSA-2023-5731: java-1.8.0-openjdk security update (MODERATE)
4.9 Medium
CVSS3