A flaw was found in the Pack200 archive format in OpenJDK. The NativeUnpack class did not properly validate the memory size when allocating a buffer, potentially leading to an excessive memory allocation and denial of service condition.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:1817 https://access.redhat.com/errata/RHSA-2024:1817
This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u412 Via RHSA-2024:1816 https://access.redhat.com/errata/RHSA-2024:1816
This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u412 Via RHSA-2024:1815 https://access.redhat.com/errata/RHSA-2024:1815
This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.23 Via RHSA-2024:1820 https://access.redhat.com/errata/RHSA-2024:1820
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 9.0 Extended Update Support Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:1818 https://access.redhat.com/errata/RHSA-2024:1818
This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.23 Via RHSA-2024:1819 https://access.redhat.com/errata/RHSA-2024:1819
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2024:1821 https://access.redhat.com/errata/RHSA-2024:1821
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Extended Update Support Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2024:1822 https://access.redhat.com/errata/RHSA-2024:1822