Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges.
IBM JDK packages shipped in Red Hat Enterprise Linux Supplementary 6 and 7 were previously updated to fixed upstream version via the following errata:
This issue has been addressed in the following products:
Red Hat Satellite 5.8
Via RHSA-2018:1463 https://access.redhat.com/errata/RHSA-2018:1463