Bug 2187704 (CVE-2023-21967) - CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiation (8298310)
Summary: CVE-2023-21967 OpenJDK: certificate validation issue in TLS session negotiati...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2023-21967
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2185197 2185198 2185199 2185200 2185201 2185202 2185203 2185204 2185205 2185206 2185207 2185208 2185209 2185210 2185211 2185212 2185213 2185214 2185215 2185216 2185217 2185218 2185219 2185220 2185221 2185222 2185223 2185224 2185225 2185226 2185227 2185228 2185229 2188616 2215911 2215912 2215913
Blocks: 2185177
TreeView+ depends on / blocked
 
Reported: 2023-04-18 13:11 UTC by Mauro Matteo Cascella
Modified: 2023-09-13 08:34 UTC (History)
21 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-04-25 16:39:38 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2023:1924 0 None None None 2023-04-24 00:21:19 UTC
Red Hat Product Errata RHBA-2023:1925 0 None None None 2023-04-24 00:21:52 UTC
Red Hat Product Errata RHBA-2023:1926 0 None None None 2023-04-24 00:22:05 UTC
Red Hat Product Errata RHBA-2023:1928 0 None None None 2023-04-24 01:10:41 UTC
Red Hat Product Errata RHBA-2023:1936 0 None None None 2023-04-24 08:42:24 UTC
Red Hat Product Errata RHBA-2023:1937 0 None None None 2023-04-24 11:22:57 UTC
Red Hat Product Errata RHBA-2023:1938 0 None None None 2023-04-24 11:45:25 UTC
Red Hat Product Errata RHBA-2023:1939 0 None None None 2023-04-24 11:29:25 UTC
Red Hat Product Errata RHBA-2023:1940 0 None None None 2023-04-24 12:57:54 UTC
Red Hat Product Errata RHBA-2023:1942 0 None None None 2023-04-24 14:20:42 UTC
Red Hat Product Errata RHBA-2023:1955 0 None None None 2023-04-25 05:29:18 UTC
Red Hat Product Errata RHBA-2023:2011 0 None None None 2023-04-25 23:25:27 UTC
Red Hat Product Errata RHBA-2023:2025 0 None None None 2023-04-26 09:58:25 UTC
Red Hat Product Errata RHBA-2023:2028 0 None None None 2023-04-26 11:35:47 UTC
Red Hat Product Errata RHBA-2023:2034 0 None None None 2023-04-26 18:40:59 UTC
Red Hat Product Errata RHBA-2023:2049 0 None None None 2023-04-27 14:07:54 UTC
Red Hat Product Errata RHBA-2023:2050 0 None None None 2023-04-27 14:07:43 UTC
Red Hat Product Errata RHBA-2023:2054 0 None None None 2023-04-27 16:18:32 UTC
Red Hat Product Errata RHBA-2023:2066 0 None None None 2023-05-01 22:11:30 UTC
Red Hat Product Errata RHBA-2023:2079 0 None None None 2023-05-02 10:16:09 UTC
Red Hat Product Errata RHBA-2023:2090 0 None None None 2023-05-03 02:23:45 UTC
Red Hat Product Errata RHBA-2023:2142 0 None None None 2023-05-08 01:05:07 UTC
Red Hat Product Errata RHBA-2023:3160 0 None None None 2023-05-17 01:48:52 UTC
Red Hat Product Errata RHBA-2023:3168 0 None None None 2023-05-17 10:30:15 UTC
Red Hat Product Errata RHBA-2023:3172 0 None None None 2023-05-17 10:36:41 UTC
Red Hat Product Errata RHBA-2023:3173 0 None None None 2023-05-17 10:30:37 UTC
Red Hat Product Errata RHBA-2023:3174 0 None None None 2023-05-17 10:40:54 UTC
Red Hat Product Errata RHBA-2023:3226 0 None None None 2023-05-18 14:08:15 UTC
Red Hat Product Errata RHBA-2023:3376 0 None None None 2023-05-31 12:49:31 UTC
Red Hat Product Errata RHBA-2023:3378 0 None None None 2023-05-31 12:50:00 UTC
Red Hat Product Errata RHBA-2023:5037 0 None None None 2023-09-11 08:42:54 UTC
Red Hat Product Errata RHSA-2023:1875 0 None None None 2023-04-19 13:31:19 UTC
Red Hat Product Errata RHSA-2023:1877 0 None None None 2023-04-19 13:58:07 UTC
Red Hat Product Errata RHSA-2023:1878 0 None None None 2023-04-19 14:19:54 UTC
Red Hat Product Errata RHSA-2023:1879 0 None None None 2023-04-19 15:07:16 UTC
Red Hat Product Errata RHSA-2023:1880 0 None None None 2023-04-19 15:27:10 UTC
Red Hat Product Errata RHSA-2023:1882 0 None None None 2023-04-19 19:27:45 UTC
Red Hat Product Errata RHSA-2023:1883 0 None None None 2023-04-19 19:27:31 UTC
Red Hat Product Errata RHSA-2023:1884 0 None None None 2023-04-19 19:36:46 UTC
Red Hat Product Errata RHSA-2023:1885 0 None None None 2023-04-19 19:36:31 UTC
Red Hat Product Errata RHSA-2023:1889 0 None None None 2023-04-20 00:29:50 UTC
Red Hat Product Errata RHSA-2023:1890 0 None None None 2023-04-20 00:48:08 UTC
Red Hat Product Errata RHSA-2023:1891 0 None None None 2023-04-20 01:14:25 UTC
Red Hat Product Errata RHSA-2023:1892 0 None None None 2023-04-20 01:36:19 UTC
Red Hat Product Errata RHSA-2023:1895 0 None None None 2023-04-20 02:02:11 UTC
Red Hat Product Errata RHSA-2023:1898 0 None None None 2023-04-20 02:30:19 UTC
Red Hat Product Errata RHSA-2023:1899 0 None None None 2023-04-20 02:47:21 UTC
Red Hat Product Errata RHSA-2023:1900 0 None None None 2023-04-20 03:01:35 UTC
Red Hat Product Errata RHSA-2023:1903 0 None None None 2023-04-25 11:06:30 UTC
Red Hat Product Errata RHSA-2023:1904 0 None None None 2023-04-25 02:49:22 UTC
Red Hat Product Errata RHSA-2023:1905 0 None None None 2023-04-25 03:20:15 UTC
Red Hat Product Errata RHSA-2023:1906 0 None None None 2023-04-25 03:44:01 UTC
Red Hat Product Errata RHSA-2023:1907 0 None None None 2023-04-25 10:40:24 UTC
Red Hat Product Errata RHSA-2023:1908 0 None None None 2023-04-25 04:18:52 UTC
Red Hat Product Errata RHSA-2023:1909 0 None None None 2023-04-25 04:01:24 UTC
Red Hat Product Errata RHSA-2023:1910 0 None None None 2023-04-25 10:24:24 UTC
Red Hat Product Errata RHSA-2023:1911 0 None None None 2023-04-25 03:08:58 UTC
Red Hat Product Errata RHSA-2023:1912 0 None None None 2023-04-25 11:06:16 UTC
Red Hat Product Errata RHSA-2023:4103 0 None None None 2023-07-17 08:48:29 UTC
Red Hat Product Errata RHSA-2023:4160 0 None None None 2023-07-31 09:30:51 UTC

Description Mauro Matteo Cascella 2023-04-18 13:11:28 UTC
It was discovered that the TLS implementation in the JSSE component of OpenJDK failed to properly handle certificate chains during TLS session negotiation. A remote attacker attacker could use this flaw to affect the availability of a TLS connection (denial-of-service condition).

Comment 9 errata-xmlrpc 2023-04-19 13:31:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:1875 https://access.redhat.com/errata/RHSA-2023:1875

Comment 10 errata-xmlrpc 2023-04-19 13:58:05 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:1877 https://access.redhat.com/errata/RHSA-2023:1877

Comment 11 errata-xmlrpc 2023-04-19 14:19:52 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:1878 https://access.redhat.com/errata/RHSA-2023:1878

Comment 12 errata-xmlrpc 2023-04-19 15:07:14 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:1879 https://access.redhat.com/errata/RHSA-2023:1879

Comment 13 errata-xmlrpc 2023-04-19 15:27:08 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:1880 https://access.redhat.com/errata/RHSA-2023:1880

Comment 14 errata-xmlrpc 2023-04-19 19:27:29 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 11.0.19

Via RHSA-2023:1883 https://access.redhat.com/errata/RHSA-2023:1883

Comment 15 errata-xmlrpc 2023-04-19 19:27:43 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 11.0.19

Via RHSA-2023:1882 https://access.redhat.com/errata/RHSA-2023:1882

Comment 16 errata-xmlrpc 2023-04-19 19:36:29 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 17.0.7

Via RHSA-2023:1885 https://access.redhat.com/errata/RHSA-2023:1885

Comment 17 errata-xmlrpc 2023-04-19 19:36:44 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 17.0.7

Via RHSA-2023:1884 https://access.redhat.com/errata/RHSA-2023:1884

Comment 18 errata-xmlrpc 2023-04-20 00:29:48 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2023:1889 https://access.redhat.com/errata/RHSA-2023:1889

Comment 19 errata-xmlrpc 2023-04-20 00:48:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2023:1890 https://access.redhat.com/errata/RHSA-2023:1890

Comment 20 errata-xmlrpc 2023-04-20 01:14:23 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:1891 https://access.redhat.com/errata/RHSA-2023:1891

Comment 21 errata-xmlrpc 2023-04-20 01:36:17 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:1892 https://access.redhat.com/errata/RHSA-2023:1892

Comment 22 errata-xmlrpc 2023-04-20 02:02:10 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:1895 https://access.redhat.com/errata/RHSA-2023:1895

Comment 23 errata-xmlrpc 2023-04-20 02:30:17 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:1898 https://access.redhat.com/errata/RHSA-2023:1898

Comment 24 errata-xmlrpc 2023-04-20 02:47:19 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:1899 https://access.redhat.com/errata/RHSA-2023:1899

Comment 25 errata-xmlrpc 2023-04-20 03:01:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:1900 https://access.redhat.com/errata/RHSA-2023:1900

Comment 27 errata-xmlrpc 2023-04-25 02:49:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:1904 https://access.redhat.com/errata/RHSA-2023:1904

Comment 28 errata-xmlrpc 2023-04-25 03:08:56 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:1911 https://access.redhat.com/errata/RHSA-2023:1911

Comment 29 errata-xmlrpc 2023-04-25 03:20:13 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:1905 https://access.redhat.com/errata/RHSA-2023:1905

Comment 30 errata-xmlrpc 2023-04-25 03:43:59 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:1906 https://access.redhat.com/errata/RHSA-2023:1906

Comment 31 errata-xmlrpc 2023-04-25 04:01:22 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:1909 https://access.redhat.com/errata/RHSA-2023:1909

Comment 32 errata-xmlrpc 2023-04-25 04:18:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:1908 https://access.redhat.com/errata/RHSA-2023:1908

Comment 33 errata-xmlrpc 2023-04-25 10:24:23 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:1910 https://access.redhat.com/errata/RHSA-2023:1910

Comment 34 errata-xmlrpc 2023-04-25 10:40:22 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2023:1907 https://access.redhat.com/errata/RHSA-2023:1907

Comment 35 errata-xmlrpc 2023-04-25 11:06:14 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 8u362

Via RHSA-2023:1912 https://access.redhat.com/errata/RHSA-2023:1912

Comment 36 errata-xmlrpc 2023-04-25 11:06:28 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 8u362

Via RHSA-2023:1903 https://access.redhat.com/errata/RHSA-2023:1903

Comment 37 Product Security DevOps Team 2023-04-25 16:39:36 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-21967

Comment 39 errata-xmlrpc 2023-07-17 08:48:26 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:4103 https://access.redhat.com/errata/RHSA-2023:4103

Comment 40 errata-xmlrpc 2023-07-31 09:30:49 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2023:4160 https://access.redhat.com/errata/RHSA-2023:4160


Note You need to log in before you can comment on or make changes to this bug.