Bug 2359693 (CVE-2025-30698) - CVE-2025-30698 openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)
Summary: CVE-2025-30698 openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)
Keywords:
Status: NEW
Alias: CVE-2025-30698
Deadline: 2025-04-15
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-04-15 07:41 UTC by OSIDB Bzimport
Modified: 2026-02-05 07:02 UTC (History)
20 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2025:7508 0 None None None 2025-05-13 16:01:59 UTC

Description OSIDB Bzimport 2025-04-15 07:41:23 UTC 
The Graphics.copyArea operation with extreme values can trigger a heap corruption scenario.
Comment 1 Mauro Matteo Cascella 2025-04-16 11:45:02 UTC 
OpenJDK-8 upstream commit:
https://github.com/openjdk/jdk8u/commit/68d10daabaf9c939a5d2e665994c6d348f38cfd5

OpenJDK-11 upstream commit:
https://github.com/openjdk/jdk11u/commit/ea1389c971827876134a6d1d3ab2934681e9f3d6

OpenJDK-17 upstream commit:
https://github.com/openjdk/jdk17u/commit/0a89eb2588334226531e8e25ac340eabbc00bd6d

OpenJDK-21 upstream commit:
https://github.com/openjdk/jdk21u/commit/3048e287d8ea7d5e0d19d9188eb4212801ebf2a2
Comment 2 Mauro Matteo Cascella 2025-04-16 12:56:32 UTC 
This CVE was fixed in Oracle Java SE 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1.

Release notes:
https://www.oracle.com/java/technologies/javase/8u451-relnotes.html#R180_451
https://www.oracle.com/java/technologies/javase/8u451-perf-relnotes.html
https://www.oracle.com/java/technologies/javase/11-0-27-relnotes.html#R11_0_27
https://www.oracle.com/java/technologies/javase/17-0-15-relnotes.html#R17_0_15
https://www.oracle.com/java/technologies/javase/21-0-7-relnotes.html
https://www.oracle.com/java/technologies/javase/24-0-1-relnotes.html
Comment 3 errata-xmlrpc 2025-05-13 16:01:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:7508 https://access.redhat.com/errata/RHSA-2025:7508
Comment 4 Pandrhola 2025-07-26 04:11:57 UTC 
(In reply to errata-xmlrpc from comment #3)
> This issue has been addressed in the following products:
> 
>   Red Hat Enterprise Linux 10
> 
> Via RHSA-2025:7508 https://slopeio.org https://access.redhat.com/errata/RHSA-2025:7508

Link ID: Red Hat Product Errata RHSA-2025:7509
Comment 5 seraphina 2025-09-23 06:56:09 UTC Comment hidden (spam)
Comment 6 Cohn Elburn 2025-10-18 09:45:56 UTC 
Play https://paperiogame.io/ to conquer the largest territory.
Comment 8 michaeljordan 2025-10-22 09:40:53 UTC 
(In reply to Pandrhola from comment #4)
> (In reply to errata-xmlrpc from comment #3)
> > This issue has been addressed in the following products:
> > 
> >   Red Hat Enterprise Linux 10
> > 
> > Via RHSA-2025:7508 https://sloperun.io https://access.redhat.com/errata/RHSA-2025:7508
> 
> Link ID: Red Hat Product Errata RHSA-2025:7509
> > Will try this link
Comment 9 auhnaa 2025-11-13 02:35:15 UTC 
As you advance through the game, your goal should not only be to https://steal-brainrot.io but also to reinvest your earnings into stronger defenses and upgrades to secure your base.
Comment 10 anna stark 2025-12-12 08:23:23 UTC 
Your essay kept me engaged from start to finish. It’s clear, concise, and very well-structured. I’ve read quite a few articles on this topic, but yours stands out for its clarity and thoughtful approach https://iogames.games
Comment 11 Aurorana 2025-12-24 07:59:10 UTC 
It is highly actionable and inspiring—thank you for delivering such a high-quality product! https://snowrider3dsanta.io/
Comment 12 orbitkick1 2025-12-27 08:14:56 UTC 
Orbit Kick players should prioritize upgrading kick power in the early stages of the game: https://orbitkick.io
Comment 13 Joseph Adkins 2025-12-29 07:58:36 UTC Comment hidden (spam)
Comment 14 Joseph Adkins 2025-12-29 07:59:41 UTC Comment hidden (spam)
Comment 15 lanaderay 2026-01-15 09:12:32 UTC 
Warning: Addictive! Slide Down https://slidedown.io captivates players with its 'easy to grasp, hard to master' gameplay. The urge to conquer new records will keep you glued to the screen.
Comment 16 budi terbang 2026-02-05 05:41:57 UTC 
https://restaurantepantalan.com/reservas/
https://panamaembassy-southafrica.co.za/consular-services/
https://ragecagefl.com/about-1/
https://www.getkoitea.com/menu
https://americanranchmarket.com/menu/
https://lapasmamasa.com/mutasi/portir/
https://www.visitaceh.id/lapangan-blang-padang/
https://www.jksweb.id/blog/
BOBATOTO adalah situs togel toto 4d dengan pasaran terbanyak di indonesia
Comment 17 budi terbang 2026-02-05 06:18:28 UTC 
https://www.yossburgerbar.com/nuestro-menu/
https://play.wordleny.net/
https://renaissanceseniorliving.com/about-us/
https://sehaz.co/ar/
https://recipes.healthnorganicstamil.com
LTDTOTO adalah situs toto slot dengan winrate rtp tertinggi
Comment 18 budi terbang 2026-02-05 06:22:17 UTC 
https://www.jcbhorseandauto.com/horses-ponies
https://anuneuroandcardiac.com/doctors
https://thebrooklyndip.com/menu/
https://www.michelangelospizza-northport.com/menus/
SONTOGEL adalah salah satu situs slot toto dengan pembayaran terlengkap
Comment 19 budi terbang 2026-02-05 06:39:13 UTC 
https://alvinos.com/our-menu
https://de.newsoft.eu.com/
http://www.ajspizzawestboylston.com/services/
https://www.oscarsoldmetairie.com/menu
https://pho-hut-n-grill.com/menu
SESETOTO adalah situs terpercaya untuk togel dan toto macau
Comment 20 budi terbang 2026-02-05 06:42:55 UTC 
https://mariscos4vientos.com/our-menu/
https://www.gulfbreezemhp.com/current-rentals.html
https://thespasatorion.com/spamenu/
https://littlebickle.com/menu/
AMAVI5D adalah situs togel keluaran angka & prediksi jitu terbaik di indonesia
Comment 21 budi terbang 2026-02-05 06:46:01 UTC 
https://supedia.io/creators/mike-thurston
https://talentwave.io/about-us/
https://www.ligohealthcenter.com/doctors/
https://alexsjewelry.com/contact.html
AKUNTOTO adalah salah satu bandar togel online dengan hadiah jackpot terbesar serta pasaran yang lengkap
Comment 22 budi terbang 2026-02-05 06:49:28 UTC 
https://fr.newsoft.eu.com/
https://ampsocial.advoglobal.com/
https://www.elbas-goldensteersteakhouse.com/about
IDRTOTO adalah salah satu link situs togel terbesar dan terpercaya no 1 di Indonesia
Comment 23 budi terbang 2026-02-05 06:52:29 UTC 
https://panchoslansing.com/menu/
https://rsiaksi.com/contact/
https://www.qfs-inc.com/contact/
https://www.pammoteltx.com/rooms.php
BEJOTOTO adalah salah satu bandar game terbaik dengan hadiah yang mencapai ratusan juta rupiah
Comment 24 budi terbang 2026-02-05 06:55:48 UTC 
https://docs.neoraffle.io/
https://m.mapo92.com/
Kientoto adalah salah satu situs online dengan hadiah terbesar
Comment 25 budi terbang 2026-02-05 06:59:36 UTC 
https://www.koltimnews.com/2023/06/anggrek-sorume-kolaka-timur-menggema-di.html
https://www.pekayon-desa.id/
https://dspeduli.id/muhasabah/
https://www.perkuad-media.id/susunan-redaksi/
Wangtogel hadir sebagai platform taruhan terbesar yang memberikan keamanan dan kenyamanan yang berlisensi
Comment 26 budi terbang 2026-02-05 07:02:08 UTC 
https://www.a2k4dkijakarta.com/keanggotaan/ahli-utama/
https://jurnal.iaisumsel.id/
https://batamadkalsel.com/category/nasional/
Logototo dikenal sebagai platform gaming terbaik yang sudah memiliki lisensi resmi
Note You need to log in before you can comment on or make changes to this bug.