Bug 1639906 (CVE-2018-3211)
| Summary: | CVE-2018-3211 Oracle JDK: unspecified vulnerability fixed in 8u191 and 11.0.1 (Serviceability) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | java-qa |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-10-25 19:16:49 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1639731, 1639732, 1639733 | ||
| Bug Blocks: | 1633819 | ||
|
Description
Tomas Hoger
2018-10-16 21:50:48 UTC
Oracle CPU also notes the following for this issue: This vulnerability can only be exploited when Java Usage Tracker functionality is being used. The Java Usage Tracker functionality is not enabled by default. More information about it can be found here: https://docs.oracle.com/javacomponents/usage-tracker/overview/toc.htm This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Via RHSA-2018:3002 https://access.redhat.com/errata/RHSA-2018:3002 This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 6 Via RHSA-2018:3003 https://access.redhat.com/errata/RHSA-2018:3003 |