Bug 1639301 (CVE-2018-3214) - CVE-2018-3214 OpenJDK: Infinite loop in RIFF format reader (Sound, 8205361)
Summary: CVE-2018-3214 OpenJDK: Infinite loop in RIFF format reader (Sound, 8205361)
Status: CLOSED ERRATA
Alias: CVE-2018-3214
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20181016,repor...
Keywords: Security
Depends On: 1639730 1646175 1649856 1633820 1633821 1633822 1639728 1639729 1639731 1639732 1639733 1639734 1639736 1639737 1639780 1640178 1640179 1640180 1646173 1646174 1649854 1649855 1652094 1652099 1652100
Blocks: 1633819
TreeView+ depends on / blocked
 
Reported: 2018-10-15 13:16 UTC by Tomas Hoger
Modified: 2019-06-08 23:39 UTC (History)
5 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2018-12-18 21:49:51 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:2942 None None None 2018-10-17 21:22 UTC
Red Hat Product Errata RHSA-2018:2943 None None None 2018-10-17 21:22 UTC
Red Hat Product Errata RHSA-2018:3000 None None None 2018-10-24 22:05 UTC
Red Hat Product Errata RHSA-2018:3001 None None None 2018-10-24 22:06 UTC
Red Hat Product Errata RHSA-2018:3002 None None None 2018-10-24 22:07 UTC
Red Hat Product Errata RHSA-2018:3003 None None None 2018-10-24 22:07 UTC
Red Hat Product Errata RHSA-2018:3007 None None None 2018-10-24 21:39 UTC
Red Hat Product Errata RHSA-2018:3008 None None None 2018-10-24 21:39 UTC
Red Hat Product Errata RHSA-2018:3350 None None None 2018-10-30 09:18 UTC
Red Hat Product Errata RHSA-2018:3409 None None None 2018-10-30 16:59 UTC
Red Hat Product Errata RHSA-2018:3533 None None None 2018-11-09 11:49 UTC
Red Hat Product Errata RHSA-2018:3534 None None None 2018-11-09 11:49 UTC
Red Hat Product Errata RHSA-2018:3671 None None None 2018-11-26 15:42 UTC
Red Hat Product Errata RHSA-2018:3672 None None None 2018-11-26 15:43 UTC
Red Hat Product Errata RHSA-2018:3779 None None None 2018-12-05 15:53 UTC
Red Hat Product Errata RHSA-2018:3852 None None None 2018-12-18 15:51 UTC

Description Tomas Hoger 2018-10-15 13:16:38 UTC
An infinite loop flaw was found in the RIFF (Resource Interchange File Format) file format reader in the Sound component of OpenJDK.  A specially crafted RIFF file could cause a Java application to enter an infinite loop while reading the RIFF file.

Comment 1 Tomas Hoger 2018-10-15 13:21:32 UTC
This issue was originally reported and fixed in 2015:

https://bugs.openjdk.java.net/browse/JDK-8135160
http://hg.openjdk.java.net/jdk9/jdk9/jdk/rev/420dd4208444

but it only got fixed in OpenJDK 9 and not backported to earlier versions at the time.

The problem was re-discovered again when fuzzing Apache Tika:

https://www.modzero.ch/modlog/archives/2018/09/20/java_bugs_with_and_without_fuzzing/index.html

Comment 3 Tomas Hoger 2018-10-16 20:57:40 UTC
Public now via Oracle CPU October 2018:

https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixJAVA

The issue was fixed in Oracle JDK 8u191, 7u201, and 6u211.

Comment 5 errata-xmlrpc 2018-10-17 21:22:02 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:2942 https://access.redhat.com/errata/RHSA-2018:2942

Comment 6 errata-xmlrpc 2018-10-17 21:22:36 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2018:2943 https://access.redhat.com/errata/RHSA-2018:2943

Comment 7 Tomas Hoger 2018-10-19 20:33:22 UTC
OpenJDK-8 upstream commit:
http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/c1cffa411ed5

Comment 8 errata-xmlrpc 2018-10-24 21:39:05 UTC
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 7

Via RHSA-2018:3007 https://access.redhat.com/errata/RHSA-2018:3007

Comment 9 errata-xmlrpc 2018-10-24 21:39:38 UTC
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 6

Via RHSA-2018:3008 https://access.redhat.com/errata/RHSA-2018:3008

Comment 10 errata-xmlrpc 2018-10-24 22:05:38 UTC
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 6

Via RHSA-2018:3000 https://access.redhat.com/errata/RHSA-2018:3000

Comment 11 errata-xmlrpc 2018-10-24 22:06:12 UTC
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 7

Via RHSA-2018:3001 https://access.redhat.com/errata/RHSA-2018:3001

Comment 12 errata-xmlrpc 2018-10-24 22:06:55 UTC
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 7

Via RHSA-2018:3002 https://access.redhat.com/errata/RHSA-2018:3002

Comment 13 errata-xmlrpc 2018-10-24 22:07:40 UTC
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 6

Via RHSA-2018:3003 https://access.redhat.com/errata/RHSA-2018:3003

Comment 15 errata-xmlrpc 2018-10-30 09:18:25 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:3350 https://access.redhat.com/errata/RHSA-2018:3350

Comment 16 errata-xmlrpc 2018-10-30 16:59:21 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2018:3409 https://access.redhat.com/errata/RHSA-2018:3409

Comment 17 errata-xmlrpc 2018-11-09 11:49:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2018:3533 https://access.redhat.com/errata/RHSA-2018:3533

Comment 18 errata-xmlrpc 2018-11-09 11:49:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2018:3534 https://access.redhat.com/errata/RHSA-2018:3534

Comment 21 errata-xmlrpc 2018-11-26 15:42:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2018:3671 https://access.redhat.com/errata/RHSA-2018:3671

Comment 22 errata-xmlrpc 2018-11-26 15:43:19 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2018:3672 https://access.redhat.com/errata/RHSA-2018:3672

Comment 23 errata-xmlrpc 2018-12-05 15:52:58 UTC
This issue has been addressed in the following products:

  Red Hat Satellite 5.6
  Red Hat Satellite 5.7

Via RHSA-2018:3779 https://access.redhat.com/errata/RHSA-2018:3779

Comment 24 errata-xmlrpc 2018-12-18 15:51:00 UTC
This issue has been addressed in the following products:

  Red Hat Satellite 5.8

Via RHSA-2018:3852 https://access.redhat.com/errata/RHSA-2018:3852


Note You need to log in before you can comment on or make changes to this bug.