Bug 1791284 (CVE-2020-2659) - CVE-2020-2659 OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795)
Status: NEW
Alias: CVE-2020-2659
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Red Hat Product Security
Blocks: 1785754
Reported: 2020-01-15 12:59 UTC by Tomas Hoger
Modified: 2020-02-20 08:31 UTC (History)

Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2020:0212 None None None 2020-01-23 14:05:02 UTC
Red Hat Product Errata RHBA-2020:0220 None None None 2020-01-23 17:00:33 UTC
Red Hat Product Errata RHBA-2020:0225 None None None 2020-01-27 01:22:07 UTC
Red Hat Product Errata RHBA-2020:0226 None None None 2020-01-27 01:22:52 UTC
Red Hat Product Errata RHBA-2020:0238 None None None 2020-01-27 12:25:22 UTC
Red Hat Product Errata RHBA-2020:0240 None None None 2020-01-27 12:26:42 UTC
Red Hat Product Errata RHBA-2020:0241 None None None 2020-01-27 12:29:20 UTC
Red Hat Product Errata RHBA-2020:0311 None None None 2020-01-30 20:06:38 UTC
Red Hat Product Errata RHBA-2020:0318 None None None 2020-02-03 10:27:55 UTC
Red Hat Product Errata RHBA-2020:0558 None None None 2020-02-20 08:31:12 UTC
Red Hat Product Errata RHSA-2020:0157 None None None 2020-01-21 03:02:10 UTC
Red Hat Product Errata RHSA-2020:0196 None None None 2020-01-21 23:00:58 UTC
Red Hat Product Errata RHSA-2020:0202 None None None 2020-01-22 13:04:55 UTC
Red Hat Product Errata RHSA-2020:0231 None None None 2020-01-27 08:54:43 UTC
Red Hat Product Errata RHSA-2020:0465 None None None 2020-02-11 03:56:50 UTC
Red Hat Product Errata RHSA-2020:0467 None None None 2020-02-11 08:28:40 UTC
Red Hat Product Errata RHSA-2020:0468 None None None 2020-02-11 08:32:34 UTC
Red Hat Product Errata RHSA-2020:0469 None None None 2020-02-11 08:30:41 UTC
Red Hat Product Errata RHSA-2020:0470 None None None 2020-02-11 08:33:57 UTC
Red Hat Product Errata RHSA-2020:0541 None None None 2020-02-18 15:28:49 UTC

Description Tomas Hoger 2020-01-15 12:59:17 UTC
It was discovered that the DatagramChannelImpl class in the Networking component of OpenJDK failed to completely enforce the limit on the number of datagram sockets (set using the sun.net.maxDatagramSockets system property) that can be created by code running with the Java sandbox restrictions. Untrusted Java code could use this flaw to bypass the intended Java sandbox restriction.

Comment 1 Tomas Hoger 2020-01-15 13:00:16 UTC
Public now via Oracle CPU January 2020:

https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA

Fixed in Oracle Java SE 8u241 and 7u251.

Comment 2 errata-xmlrpc 2020-01-21 03:02:09 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2020:0157 https://access.redhat.com/errata/RHSA-2020:0157

Comment 3 errata-xmlrpc 2020-01-21 23:00:57 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:0196 https://access.redhat.com/errata/RHSA-2020:0196

Comment 4 errata-xmlrpc 2020-01-22 13:04:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:0202 https://access.redhat.com/errata/RHSA-2020:0202

Comment 5 errata-xmlrpc 2020-01-27 08:54:42 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:0231 https://access.redhat.com/errata/RHSA-2020:0231

Comment 8 errata-xmlrpc 2020-02-11 03:56:49 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:0465 https://access.redhat.com/errata/RHSA-2020:0465

Comment 9 errata-xmlrpc 2020-02-11 08:28:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2020:0467 https://access.redhat.com/errata/RHSA-2020:0467

Comment 10 errata-xmlrpc 2020-02-11 08:30:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Supplementary

Via RHSA-2020:0469 https://access.redhat.com/errata/RHSA-2020:0469

Comment 11 errata-xmlrpc 2020-02-11 08:32:30 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2020:0468 https://access.redhat.com/errata/RHSA-2020:0468

Comment 12 errata-xmlrpc 2020-02-11 08:33:54 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2020:0470 https://access.redhat.com/errata/RHSA-2020:0470

Comment 13 errata-xmlrpc 2020-02-18 15:28:48 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:0541 https://access.redhat.com/errata/RHSA-2020:0541
