Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 745397 - (CVE-2011-3552) CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)
CVE-2011-3552 OpenJDK: excessive default UDP socket limit under SecurityManag...
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20111018,reported=2...
: Security
Depends On: 744786 744787 744788 744789 744819 744820 744822 755960 755961 755962 769184 769185 769186 769324 769325 769326 769327 769328
Blocks: 744688
  Show dependency treegraph
 
Reported: 2011-10-12 05:01 EDT by Tomas Hoger
Modified: 2013-10-23 13:00 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-02-29 10:03:49 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1380 normal SHIPPED_LIVE Critical: java-1.6.0-openjdk security update 2011-10-18 19:26:12 EDT
Red Hat Product Errata RHSA-2011:1384 normal SHIPPED_LIVE Critical: java-1.6.0-sun security update 2011-10-19 13:22:32 EDT
Red Hat Product Errata RHSA-2011:1478 normal SHIPPED_LIVE Critical: java-1.5.0-ibm security update 2011-11-24 16:02:20 EST
Red Hat Product Errata RHSA-2012:0006 normal SHIPPED_LIVE Critical: java-1.4.2-ibm security update 2012-01-09 20:07:05 EST
Red Hat Product Errata RHSA-2012:0034 normal SHIPPED_LIVE Critical: java-1.6.0-ibm security update 2012-01-18 19:24:35 EST
Red Hat Product Errata RHSA-2012:0343 normal SHIPPED_LIVE Moderate: java-1.4.2-ibm-sap security update 2012-02-29 14:46:35 EST
Red Hat Product Errata RHSA-2013:1455 normal SHIPPED_LIVE Low: Red Hat Network Satellite server IBM Java Runtime security update 2013-10-23 16:30:21 EDT

  None (edit)
Description Tomas Hoger 2011-10-12 05:01:14 EDT 
It was discovered that the number of UDP sockets an application running with SecurityManager restrictions can use by default was set too high.  If multiple instances of a malicious applications were started at the same time, it can result in exhaustion of all available UDP sockets, possibly blocking other applications on the system from being able to do UDP network communication.
Comment 3 Vincent Danen 2011-10-18 16:49:38 EDT 
External References:

http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
Comment 4 errata-xmlrpc 2011-10-18 19:27:02 EDT 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 5

Via RHSA-2011:1380 https://rhn.redhat.com/errata/RHSA-2011-1380.html
Comment 6 errata-xmlrpc 2011-10-19 13:23:28 EDT 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 6
  Supplementary for Red Hat Enterprise Linux 5
  Extras for RHEL 4

Via RHSA-2011:1384 https://rhn.redhat.com/errata/RHSA-2011-1384.html
Comment 7 Fedora Update System 2011-11-04 21:26:17 EDT 
java-1.6.0-openjdk-1.6.0.0-60.1.10.4.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 errata-xmlrpc 2011-11-24 11:03:13 EST 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Extras for RHEL 4
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2011:1478 https://rhn.redhat.com/errata/RHSA-2011-1478.html
Comment 9 errata-xmlrpc 2012-01-09 15:08:48 EST 
This issue has been addressed in following products:

  Extras for RHEL 4
  Supplementary for Red Hat Enterprise Linux 5

Via RHSA-2012:0006 https://rhn.redhat.com/errata/RHSA-2012-0006.html
Comment 10 errata-xmlrpc 2012-01-18 14:25:56 EST 
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Extras for RHEL 4
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2012:0034 https://rhn.redhat.com/errata/RHSA-2012-0034.html
Comment 11 errata-xmlrpc 2012-02-29 09:48:36 EST 
This issue has been addressed in following products:

  RHEL 4 for SAP
  RHEL 5 for SAP
  RHEL 6 for SAP

Via RHSA-2012:0343 https://rhn.redhat.com/errata/RHSA-2012-0343.html
Comment 12 errata-xmlrpc 2013-10-23 13:00:46 EDT 
This issue has been addressed in following products:

  Red Hat Network Satellite Server v 5.4

Via RHSA-2013:1455 https://rhn.redhat.com/errata/RHSA-2013-1455.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.