A memory disclosure flaw was found in the FileChannelImpl class in the Libraries component of OpenJDK. An untrusted Java application or applet could use this flaw leak limited amount of Java Virtual Machine memory possibly containing sensitive information, resulting in a partial bypass of Java sandbox restrictions.
Public now via Oracle CPU January 2019: https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixJAVA Fixed in Oracle Java 11.0.2, 8u201, and 7u211.
OpenJDK-8 upstream commit: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/01337312ad1e OpenJDK-11 upstream commit: http://hg.openjdk.java.net/jdk-updates/jdk11u/rev/ca77f2e01dd1
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:0416 https://access.redhat.com/errata/RHSA-2019:0416
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:0435 https://access.redhat.com/errata/RHSA-2019:0435
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:0436 https://access.redhat.com/errata/RHSA-2019:0436
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:0462 https://access.redhat.com/errata/RHSA-2019:0462
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:0464 https://access.redhat.com/errata/RHSA-2019:0464
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Via RHSA-2019:0469 https://access.redhat.com/errata/RHSA-2019:0469
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Supplementary Via RHSA-2019:0472 https://access.redhat.com/errata/RHSA-2019:0472
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Supplementary Via RHSA-2019:0473 https://access.redhat.com/errata/RHSA-2019:0473
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Via RHSA-2019:0474 https://access.redhat.com/errata/RHSA-2019:0474
This issue has been addressed in the following products: Red Hat Satellite 5.8 Via RHSA-2019:0640 https://access.redhat.com/errata/RHSA-2019:0640
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1238 https://access.redhat.com/errata/RHSA-2019:1238