Bug 856588 - (CVE-2012-4420) CVE-2012-4420 java-1.7.0-openjdk: JVM heap memory disclosure
Status: CLOSED DUPLICATE of bug 856124
Product: Security Response
Classification: Other
Component: vulnerability
Hardware: All Linux
Priority: low, Severity: low
Assigned To: Red Hat Product Security
Keywords: Security
Blocks: 862579
Reported: 2012-09-12 07:17 EDT by Jan Lieskovsky
Modified: 2012-10-17 03:55 EDT
Doc Type: Bug Fix
Last Closed: 2012-10-17 03:54:50 EDT
Description Jan Lieskovsky 2012-09-12 07:17:02 EDT
An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7, as provided by OpenJDK 7, used to initialize integer arrays (they have had nonzero elements right after the allocation in certain circumstances). An attacker could use this flaw to obtain potentially sensitive information. This flaw may also lead to various functionality problems that do not have security impacts.

References (including the reproducer):
[1] http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7196857
[2] http://www.openwall.com/lists/oss-security/2012/09/12/4
Comment 1 Ray Greenwell 2012-09-19 19:19:31 EDT
This is a serious bug, not just an "information disclosure flaw".

The JLS says that all variables are initialized to 0/null, and code often relies on this fact.

I arrived here, finding this bug report, after tracking down an extremely serious issue with live production code. This isn't just "information disclosure", it's a problem with math not working in running code.

Thank goodness for the "-XX:-OptimizeFill" argument.
Comment 2 David Jorm 2012-09-19 21:36:41 EDT
(In reply to comment #1)
> This is a serious bug, not just an "information disclosure flaw".

This is a CVE tracking bug, intended primarily to capture the security impact of this flaw. I have added a note about non-security impacts to the flaw description.
Comment 3 Tomas Hoger 2012-10-17 03:54:50 EDT

*** This bug has been marked as a duplicate of bug 856124 ***