Bug 2297962 (CVE-2024-21138)
| Summary: | CVE-2024-21138 OpenJDK: Excessive symbol length can lead to infinite loop (8319859) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Mauro Matteo Cascella <mcascell> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | ahughes, caswilli, chazlett, fjansen, jsamir, kaycoth, kholdawa, khosford, mbalao, neugens, pjindal, security-response-team, sraghupu, sthirugn, vkrizan |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2297109 | ||
| Bug Blocks: | 2297112 | ||
|
Description
Mauro Matteo Cascella
2024-07-15 15:24:50 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2024:4564 https://access.redhat.com/errata/RHSA-2024:4564 This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.24 Via RHSA-2024:4565 https://access.redhat.com/errata/RHSA-2024:4565 This issue has been addressed in the following products: Red Hat Build of OpenJDK 17.0.12 Via RHSA-2024:4569 https://access.redhat.com/errata/RHSA-2024:4569 This issue has been addressed in the following products: Red Hat Build of OpenJDK 21.0.4 Via RHSA-2024:4571 https://access.redhat.com/errata/RHSA-2024:4571 This issue has been addressed in the following products: Red Hat Build of OpenJDK 17.0.12 Via RHSA-2024:4570 https://access.redhat.com/errata/RHSA-2024:4570 This issue has been addressed in the following products: Red Hat Build of OpenJDK 21.0.4 Via RHSA-2024:4572 https://access.redhat.com/errata/RHSA-2024:4572 This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.24 Via RHSA-2024:4566 https://access.redhat.com/errata/RHSA-2024:4566 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:4567 https://access.redhat.com/errata/RHSA-2024:4567 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 Via RHSA-2024:4573 https://access.redhat.com/errata/RHSA-2024:4573 This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u422 Via RHSA-2024:4561 https://access.redhat.com/errata/RHSA-2024:4561 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:4568 https://access.redhat.com/errata/RHSA-2024:4568 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:4563 https://access.redhat.com/errata/RHSA-2024:4563 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2024:4560 https://access.redhat.com/errata/RHSA-2024:4560 This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u422 Via RHSA-2024:4562 https://access.redhat.com/errata/RHSA-2024:4562 OpenJDK-8 upstream commit: https://github.com/openjdk/jdk8u/commit/3dd1095e9aac868078aaaa8b6d1da51873545a4e OpenJDK-11 upstream commit: https://github.com/openjdk/jdk11u/commit/fcfbef7f66dc31978bcb228dd8a042f9aa190ff7 OpenJDK-17 upstream commit: https://github.com/openjdk/jdk17u/commit/5676e2157db6b4af859c9d7df61d4ae527b40da0 OpenJDK-21 upstream commit: https://github.com/openjdk/jdk21u/commit/9862eb38f3e5add6a852870a9e3a4feb9d33f807 |