Bug 2297961 (CVE-2024-21131)
| Summary: | CVE-2024-21131 OpenJDK: potential UTF8 size overflow (8314794) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Mauro Matteo Cascella <mcascell> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | ahughes, caswilli, chazlett, fjansen, jsamir, kaycoth, kholdawa, khosford, mbalao, neugens, pjindal, security-response-team, sraghupu, sthirugn, vkrizan |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2297109 | ||
| Bug Blocks: | 2297112 | ||
|
Description
Mauro Matteo Cascella
2024-07-15 15:21:03 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2024:4564 https://access.redhat.com/errata/RHSA-2024:4564 This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.24 Via RHSA-2024:4565 https://access.redhat.com/errata/RHSA-2024:4565 This issue has been addressed in the following products: Red Hat Build of OpenJDK 17.0.12 Via RHSA-2024:4569 https://access.redhat.com/errata/RHSA-2024:4569 This issue has been addressed in the following products: Red Hat Build of OpenJDK 21.0.4 Via RHSA-2024:4571 https://access.redhat.com/errata/RHSA-2024:4571 This issue has been addressed in the following products: Red Hat Build of OpenJDK 17.0.12 Via RHSA-2024:4570 https://access.redhat.com/errata/RHSA-2024:4570 This issue has been addressed in the following products: Red Hat Build of OpenJDK 21.0.4 Via RHSA-2024:4572 https://access.redhat.com/errata/RHSA-2024:4572 This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.24 Via RHSA-2024:4566 https://access.redhat.com/errata/RHSA-2024:4566 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:4567 https://access.redhat.com/errata/RHSA-2024:4567 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 Via RHSA-2024:4573 https://access.redhat.com/errata/RHSA-2024:4573 This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u422 Via RHSA-2024:4561 https://access.redhat.com/errata/RHSA-2024:4561 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:4568 https://access.redhat.com/errata/RHSA-2024:4568 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:4563 https://access.redhat.com/errata/RHSA-2024:4563 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2024:4560 https://access.redhat.com/errata/RHSA-2024:4560 This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u422 Via RHSA-2024:4562 https://access.redhat.com/errata/RHSA-2024:4562 OpenJDK-8 upstream commit: https://github.com/openjdk/jdk8u/commit/48e19d8467c7cd6f2594093c42f9292df8bf5e96 OpenJDK-11 upstream commit: https://github.com/openjdk/jdk11u/commit/6fb5b8a3d26acfcfc0c114b13feab5f9a28718e7 OpenJDK-17 upstream commit: https://github.com/openjdk/jdk17u/commit/c6031dcb1b7f13e253036088222f53083a8cd028 OpenJDK-21 upstream commit: https://github.com/openjdk/jdk21u/commit/2586c32d2fd9f119432464293998d6b9a43b28ee |