Bug 1730110 (CVE-2019-2842) - CVE-2019-2842 OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511)
Summary: CVE-2019-2842 OpenJDK: Missing array bounds check in crypto providers (JCE, 8...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-2842
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1724471 1724472 1724473 1724474 1724475 1724476 1724477 1724478 1731477 1731478
Blocks: 1724463
TreeView+ depends on / blocked
 
Reported: 2019-07-15 21:11 UTC by Tomas Hoger
Modified: 2019-10-02 08:48 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-08-07 12:39:32 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:1811 0 None None None 2019-07-22 12:40:35 UTC
Red Hat Product Errata RHSA-2019:1815 0 None None None 2019-07-22 12:40:47 UTC
Red Hat Product Errata RHSA-2019:1816 0 None None None 2019-07-22 12:40:59 UTC
Red Hat Product Errata RHSA-2019:1839 0 None None None 2019-07-23 17:55:20 UTC
Red Hat Product Errata RHSA-2019:1840 0 None None None 2019-07-23 16:15:42 UTC

Description Tomas Hoger 2019-07-15 21:11:48 UTC 
It was discovered that crypto provider implementations in the JCE component of OpenJDK for crypto algorithms such as AES or SHA did not perform array bounds checks.  This could lead to out-of-bounds access if compiler intrinsics were used instead of the Java runtime implementations of the specific operations.
Comment 1 Tomas Hoger 2019-07-16 20:53:14 UTC 
Public now via Oracle CPU July 2019:

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixJAVA

Fixed in Oracle Java SE 8u221.
Comment 2 errata-xmlrpc 2019-07-22 12:40:34 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2019:1811 https://access.redhat.com/errata/RHSA-2019:1811
Comment 3 errata-xmlrpc 2019-07-22 12:40:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:1815 https://access.redhat.com/errata/RHSA-2019:1815
Comment 4 errata-xmlrpc 2019-07-22 12:40:58 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2019:1816 https://access.redhat.com/errata/RHSA-2019:1816
Comment 5 errata-xmlrpc 2019-07-23 16:15:41 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2019:1840 https://access.redhat.com/errata/RHSA-2019:1840
Comment 6 errata-xmlrpc 2019-07-23 17:55:19 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2019:1839 https://access.redhat.com/errata/RHSA-2019:1839
Comment 7 Tomas Hoger 2019-10-02 08:48:27 UTC 
OpenJDK-8 upstream commit:
http://hg.openjdk.java.net/jdk8u/jdk8u/hotspot/rev/55f693ba975d
http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/bdf644065d87

OpenJDK-7 upstream commit:
http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/f9541fe46eae
http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d15ed96035d0
Note You need to log in before you can comment on or make changes to this bug.