Bug 1567543 (CVE-2018-2798)

Summary:	CVE-2018-2798 OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989)
Product:	[Other] Security Response	Reporter:	Tomas Hoger <thoger>
Component:	vulnerability	Assignee:	Red Hat Product Security <security-response-team>
Status:	CLOSED ERRATA	QA Contact:
Severity:	medium	Docs Contact:
Priority:	medium
Version:	unspecified	CC:	dbhole, jvanek, security-response-team
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2018-05-24 20:52:17 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	1559768, 1559769, 1559770, 1559771, 1559773, 1559774, 1559775, 1559776, 1565346, 1565347, 1565348, 1565349, 1565350, 1565351, 1565352, 1565353, 1565511, 1565512, 1565513, 1565514, 1577848, 1577849, 1577850, 1577851, 1577855, 1577856, 1577857, 1577858, 1579406, 1579410
Bug Blocks:	1559778

Description Tomas Hoger 2018-04-14 20:39:14 UTC

It was discovered that the implementation of the Container class in the AWT component of OpenJDK did not limit the amount of memory allocated when creating object instance from a serialized form.  A specially-crafted input could cause a Java application to use an excessive amount of memory when deserialized.

Comment 1 Tomas Hoger 2018-04-17 20:54:28 UTC

Public now via Oracle CPU April 2018:

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA

The issue was fixed in Oracle JDK 10.0.1, 8u171, 7u181, and 6u191.

Comment 2 errata-xmlrpc 2018-04-19 17:00:36 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2018:1188 https://access.redhat.com/errata/RHSA-2018:1188

Comment 3 errata-xmlrpc 2018-04-19 18:01:20 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:1191 https://access.redhat.com/errata/RHSA-2018:1191

Comment 4 Tomas Hoger 2018-04-20 20:46:30 UTC

OpenJDK-8 upstream commit:

http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/70c15f2f02c0

Comment 5 errata-xmlrpc 2018-04-23 17:12:36 UTC

This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 7

Via RHSA-2018:1201 https://access.redhat.com/errata/RHSA-2018:1201

Comment 6 errata-xmlrpc 2018-04-23 17:15:43 UTC

This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 6

Via RHSA-2018:1202 https://access.redhat.com/errata/RHSA-2018:1202

Comment 7 errata-xmlrpc 2018-04-23 17:18:17 UTC

This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 7

Via RHSA-2018:1204 https://access.redhat.com/errata/RHSA-2018:1204

Comment 8 errata-xmlrpc 2018-04-23 17:20:30 UTC

This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 6

Via RHSA-2018:1203 https://access.redhat.com/errata/RHSA-2018:1203

Comment 9 errata-xmlrpc 2018-04-23 17:22:36 UTC

This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 7

Via RHSA-2018:1205 https://access.redhat.com/errata/RHSA-2018:1205

Comment 10 errata-xmlrpc 2018-04-23 17:30:41 UTC

This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 6

Via RHSA-2018:1206 https://access.redhat.com/errata/RHSA-2018:1206

Comment 11 errata-xmlrpc 2018-04-30 16:17:38 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2018:1270 https://access.redhat.com/errata/RHSA-2018:1270

Comment 12 errata-xmlrpc 2018-05-02 22:06:33 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:1278 https://access.redhat.com/errata/RHSA-2018:1278

Comment 15 errata-xmlrpc 2018-05-24 18:52:50 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2018:1721 https://access.redhat.com/errata/RHSA-2018:1721

Comment 16 errata-xmlrpc 2018-05-24 18:57:18 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2018:1722 https://access.redhat.com/errata/RHSA-2018:1722

Comment 17 errata-xmlrpc 2018-05-24 19:01:17 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2018:1723 https://access.redhat.com/errata/RHSA-2018:1723

Comment 18 errata-xmlrpc 2018-05-24 19:04:53 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2018:1724 https://access.redhat.com/errata/RHSA-2018:1724

Comment 19 errata-xmlrpc 2018-06-25 14:56:57 UTC

This issue has been addressed in the following products:

  Red Hat Satellite 5.6
  Red Hat Satellite 5.7

Via RHSA-2018:1974 https://access.redhat.com/errata/RHSA-2018:1974

Comment 20 errata-xmlrpc 2018-06-25 14:57:30 UTC

This issue has been addressed in the following products:

  Red Hat Satellite 5.8

Via RHSA-2018:1975 https://access.redhat.com/errata/RHSA-2018:1975