exploitDog

RLSA-2024:4573

Опубликовано: 26 июл. 2024

Источник: rocky

Оценка: Important

Описание

Important: java-21-openjdk security update

The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit.

Security Fix(es):

OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147)
OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131)
OpenJDK: Excessive symbol length can lead to infinite loop (8319859) (CVE-2024-21138)
OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548) (CVE-2024-21140)
OpenJDK: Out-of-bounds access in 2D image handling (8324559) (CVE-2024-21145)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8
Rocky Linux 9

Связанные CVE

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2297961
Red Hat - 2297961
https://bugzilla.redhat.com/show_bug.cgi?id=2297962
Red Hat - 2297962
https://bugzilla.redhat.com/show_bug.cgi?id=2297963
Red Hat - 2297963
https://bugzilla.redhat.com/show_bug.cgi?id=2297976
Red Hat - 2297976
https://bugzilla.redhat.com/show_bug.cgi?id=2297977
Red Hat - 2297977

Связанные уязвимости

SUSE-SU-2024:2628-1

suse-cvrf

11 месяцев назад

Security update for java-17-openjdk

SUSE-SU-2024:2578-1

suse-cvrf

11 месяцев назад

Security update for java-21-openjdk

RLSA-2024:4568

rocky

около 1 месяца назад

Important: java-17-openjdk security update

ELSA-2024-4573

oracle-oval

11 месяцев назад

ELSA-2024-4573: java-21-openjdk security update (IMPORTANT)

ELSA-2024-4568

oracle-oval

11 месяцев назад

ELSA-2024-4568: java-17-openjdk security update (IMPORTANT)