Bug 1150118 (CVE-2014-6513)

Summary: CVE-2014-6513 OpenJDK: splash image handling memory corruption (AWT, 8042609)
Product: [Other] Security Response Reporter: Tomas Hoger <thoger>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: urgent Docs Contact:
Priority: urgent    
Version: unspecifiedCC: dbhole, jvanek, omajid, security-response-team
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-07 13:48:54 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1148726    

Description Tomas Hoger 2014-10-07 13:18:11 UTC 
A flaw was found in the way the AWT component of OpenJDK handled splash screen images.  A specially crafted image could possibly cause JVM memory corruption.  A malicious Java application or applet could use this flaw to execute arbitrary code with JVM privileges, bypassing Java sandbox restrictions.

This issue affected native code for Windows platform.  Linux builds of OpenJDK do not use the affected code and are unaffected by this issue.
Comment 1 Tomas Hoger 2014-10-07 13:48:54 UTC 
Statement:

Not vulnerable. This issue did not affect the versions of OpenJDK as shipped with Red Hat Enterprise Linux.
Comment 2 Tomas Hoger 2014-10-14 20:29:34 UTC 
Public now via Oracle Critical Patch Update - October 2014.  Fixed in Oracle Java SE 6u85, 7u71, and 8u25.

External References:

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA