Bug 1299385 (CVE-2016-0466)
Summary: | CVE-2016-0466 OpenJDK: insufficient enforcement of totalEntitySizeLimit (JAXP, 8133962) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | dbhole, jvanek, sbaiduzh, security-response-team |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2016-02-02 15:20:43 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1295699 |
Description
Tomas Hoger
2016-01-18 09:16:52 UTC
The use of general entities inside tag attribute values allows bypassing the limit. Public now via Oracle Critical Patch Update - January 2016. Fixed in Oracle Java SE 6u111, 7u95, and 8u71. External References: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA OpenJDK 8 upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jaxp/rev/6568ef042ca5 This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:0050 https://rhn.redhat.com/errata/RHSA-2016-0050.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:0049 https://rhn.redhat.com/errata/RHSA-2016-0049.html This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 5 Oracle Java for Red Hat Enterprise Linux 7 Via RHSA-2016:0057 https://rhn.redhat.com/errata/RHSA-2016-0057.html This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 5 Oracle Java for Red Hat Enterprise Linux 7 Via RHSA-2016:0056 https://rhn.redhat.com/errata/RHSA-2016-0056.html This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 7 Via RHSA-2016:0055 https://rhn.redhat.com/errata/RHSA-2016-0055.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:0053 https://rhn.redhat.com/errata/RHSA-2016-0053.html This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 5 Via RHSA-2016:0054 https://rhn.redhat.com/errata/RHSA-2016-0054.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 7 Via RHSA-2016:0067 https://rhn.redhat.com/errata/RHSA-2016-0067.html This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 6 Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2016:0101 https://rhn.redhat.com/errata/RHSA-2016-0101.html This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2016:0100 https://rhn.redhat.com/errata/RHSA-2016-0100.html This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 7 Via RHSA-2016:0098 https://rhn.redhat.com/errata/RHSA-2016-0098.html This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 7 Supplementary for Red Hat Enterprise Linux 6 Via RHSA-2016:0099 https://rhn.redhat.com/errata/RHSA-2016-0099.html This issue has been addressed in the following products: Red Hat Satellite 5.6 Red Hat Satellite 5.7 Via RHSA-2016:1430 https://access.redhat.com/errata/RHSA-2016:1430 |