Red Hat Bugzilla – Bug 1600925
CVE-2018-2952 OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)
Last modified: 2018-10-24 17:39:26 EDT
It was discovered that the implementation of the PatternSyntaxException class in the Concurrency component of OpenJDK failed to sufficiently validate the 'index' value (to ensure it's not greater than the regular expression length) in the getMessage() method. An instance of the class with invalid index value, for example one created via deserialization on an untrusted input, could cause a Java application to use an excessive amount of memory.
Public now via Oracle CPU July 2018: http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA The issue was fixed in Oracle JDK 10.0.2, 8u181, 7u191, and 6u201.
OpenJDK-8 upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/baac18e216fb
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:2241 https://access.redhat.com/errata/RHSA-2018:2241
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2242 https://access.redhat.com/errata/RHSA-2018:2242
This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Via RHSA-2018:2254 https://access.redhat.com/errata/RHSA-2018:2254
This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 6 Via RHSA-2018:2256 https://access.redhat.com/errata/RHSA-2018:2256
This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Via RHSA-2018:2253 https://access.redhat.com/errata/RHSA-2018:2253
This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 6 Via RHSA-2018:2255 https://access.redhat.com/errata/RHSA-2018:2255
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:2283 https://access.redhat.com/errata/RHSA-2018:2283
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:2286 https://access.redhat.com/errata/RHSA-2018:2286
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Supplementary Via RHSA-2018:2568 https://access.redhat.com/errata/RHSA-2018:2568
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Supplementary Via RHSA-2018:2569 https://access.redhat.com/errata/RHSA-2018:2569
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Via RHSA-2018:2575 https://access.redhat.com/errata/RHSA-2018:2575
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Via RHSA-2018:2576 https://access.redhat.com/errata/RHSA-2018:2576
This issue has been addressed in the following products: Red Hat Satellite 5.6 Red Hat Satellite 5.7 Via RHSA-2018:2712 https://access.redhat.com/errata/RHSA-2018:2712
This issue has been addressed in the following products: Red Hat Satellite 5.8 Via RHSA-2018:2713 https://access.redhat.com/errata/RHSA-2018:2713
This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Via RHSA-2018:3007 https://access.redhat.com/errata/RHSA-2018:3007
This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 6 Via RHSA-2018:3008 https://access.redhat.com/errata/RHSA-2018:3008