Bug 2108554 (CVE-2022-34169) - CVE-2022-34169 OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
Summary: CVE-2022-34169 OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-34169
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2106507 2106509 2106515 2106517 2106522 2106524 2121480 2106502 2106503 2106504 2106505 2106506 2106508 2106510 2106511 2106512 2106513 2106514 2106516 2106518 2106519 2106520 2106521 2106523
Blocks: 2106494
TreeView+ depends on / blocked
 
Reported: 2022-07-19 10:26 UTC by Mauro Matteo Cascella
Modified: 2022-08-30 17:55 UTC (History)
21 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-08-30 17:55:55 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2022:5690 0 None None None 2022-07-21 21:02:30 UTC
Red Hat Product Errata RHBA-2022:5705 0 None None None 2022-07-25 22:03:14 UTC
Red Hat Product Errata RHBA-2022:5706 0 None None None 2022-07-25 22:01:01 UTC
Red Hat Product Errata RHBA-2022:5707 0 None None None 2022-07-25 21:57:42 UTC
Red Hat Product Errata RHBA-2022:5708 0 None None None 2022-07-25 22:05:20 UTC
Red Hat Product Errata RHBA-2022:5710 0 None None None 2022-07-26 10:15:36 UTC
Red Hat Product Errata RHBA-2022:5712 0 None None None 2022-07-26 12:16:43 UTC
Red Hat Product Errata RHBA-2022:5722 0 None None None 2022-07-26 15:59:01 UTC
Red Hat Product Errata RHBA-2022:5724 0 None None None 2022-07-26 16:26:43 UTC
Red Hat Product Errata RHBA-2022:5728 0 None None None 2022-07-26 21:37:37 UTC
Red Hat Product Errata RHBA-2022:5750 0 None None None 2022-07-28 12:40:24 UTC
Red Hat Product Errata RHBA-2022:5751 0 None None None 2022-07-28 12:38:25 UTC
Red Hat Product Errata RHBA-2022:5752 0 None None None 2022-07-28 14:13:15 UTC
Red Hat Product Errata RHBA-2022:5763 0 None None None 2022-07-28 19:44:07 UTC
Red Hat Product Errata RHBA-2022:5782 0 None None None 2022-08-01 11:50:28 UTC
Red Hat Product Errata RHBA-2022:5783 0 None None None 2022-08-01 11:53:27 UTC
Red Hat Product Errata RHBA-2022:5784 0 None None None 2022-08-01 11:55:07 UTC
Red Hat Product Errata RHBA-2022:5873 0 None None None 2022-08-03 08:58:54 UTC
Red Hat Product Errata RHBA-2022:5882 0 None None None 2022-08-03 10:35:46 UTC
Red Hat Product Errata RHBA-2022:5885 0 None None None 2022-08-03 15:36:56 UTC
Red Hat Product Errata RHBA-2022:5886 0 None None None 2022-08-03 15:38:14 UTC
Red Hat Product Errata RHBA-2022:6025 0 None None None 2022-08-10 03:14:43 UTC
Red Hat Product Errata RHBA-2022:6031 0 None None None 2022-08-10 07:22:30 UTC
Red Hat Product Errata RHBA-2022:6045 0 None None None 2022-08-10 14:41:27 UTC
Red Hat Product Errata RHBA-2022:6049 0 None None None 2022-08-10 17:01:16 UTC
Red Hat Product Errata RHBA-2022:6050 0 None None None 2022-08-10 17:47:26 UTC
Red Hat Product Errata RHBA-2022:6059 0 None None None 2022-08-15 08:40:05 UTC
Red Hat Product Errata RHBA-2022:6067 0 None None None 2022-08-15 10:45:11 UTC
Red Hat Product Errata RHBA-2022:6076 0 None None None 2022-08-16 10:39:16 UTC
Red Hat Product Errata RHBA-2022:6077 0 None None None 2022-08-16 10:35:07 UTC
Red Hat Product Errata RHBA-2022:6112 0 None None None 2022-08-18 11:44:30 UTC
Red Hat Product Errata RHBA-2022:6140 0 None None None 2022-08-23 18:08:56 UTC
Red Hat Product Errata RHBA-2022:6186 0 None None None 2022-08-25 08:14:11 UTC
Red Hat Product Errata RHSA-2022:5681 0 None None None 2022-07-21 15:26:29 UTC
Red Hat Product Errata RHSA-2022:5683 0 None None None 2022-07-21 15:23:53 UTC
Red Hat Product Errata RHSA-2022:5684 0 None None None 2022-07-21 15:00:43 UTC
Red Hat Product Errata RHSA-2022:5685 0 None None None 2022-07-21 14:10:01 UTC
Red Hat Product Errata RHSA-2022:5687 0 None None None 2022-07-21 16:48:30 UTC
Red Hat Product Errata RHSA-2022:5695 0 None None None 2022-07-25 14:52:25 UTC
Red Hat Product Errata RHSA-2022:5696 0 None None None 2022-07-25 15:42:12 UTC
Red Hat Product Errata RHSA-2022:5697 0 None None None 2022-07-25 15:40:40 UTC
Red Hat Product Errata RHSA-2022:5698 0 None None None 2022-07-25 18:17:36 UTC
Red Hat Product Errata RHSA-2022:5700 0 None None None 2022-07-25 15:53:00 UTC
Red Hat Product Errata RHSA-2022:5701 0 None None None 2022-07-25 15:30:07 UTC
Red Hat Product Errata RHSA-2022:5709 0 None None None 2022-07-25 23:15:38 UTC
Red Hat Product Errata RHSA-2022:5726 0 None None None 2022-07-26 18:21:10 UTC
Red Hat Product Errata RHSA-2022:5736 0 None None None 2022-07-27 13:20:06 UTC
Red Hat Product Errata RHSA-2022:5753 0 None None None 2022-07-28 15:32:54 UTC
Red Hat Product Errata RHSA-2022:5754 0 None None None 2022-07-28 15:33:38 UTC
Red Hat Product Errata RHSA-2022:5755 0 None None None 2022-07-28 15:40:31 UTC
Red Hat Product Errata RHSA-2022:5756 0 None None None 2022-07-28 15:41:15 UTC
Red Hat Product Errata RHSA-2022:5757 0 None None None 2022-07-28 15:46:41 UTC
Red Hat Product Errata RHSA-2022:5758 0 None None None 2022-07-28 15:47:27 UTC

Description Mauro Matteo Cascella 2022-07-19 10:26:32 UTC
An integer truncation issue was found in the Xalan Java XSLT library when processing malicious stylesheets. This flaw could be used to potentially execute arbitrary Java bytecode.

Comment 8 errata-xmlrpc 2022-07-21 14:10:00 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:5685 https://access.redhat.com/errata/RHSA-2022:5685

Comment 9 errata-xmlrpc 2022-07-21 15:00:41 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:5684 https://access.redhat.com/errata/RHSA-2022:5684

Comment 10 errata-xmlrpc 2022-07-21 15:23:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:5683 https://access.redhat.com/errata/RHSA-2022:5683

Comment 11 errata-xmlrpc 2022-07-21 15:26:28 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:5681 https://access.redhat.com/errata/RHSA-2022:5681

Comment 12 errata-xmlrpc 2022-07-21 16:48:28 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:5687 https://access.redhat.com/errata/RHSA-2022:5687

Comment 13 errata-xmlrpc 2022-07-25 14:52:22 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:5695 https://access.redhat.com/errata/RHSA-2022:5695

Comment 14 errata-xmlrpc 2022-07-25 15:30:05 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2022:5701 https://access.redhat.com/errata/RHSA-2022:5701

Comment 15 errata-xmlrpc 2022-07-25 15:40:38 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Extended Update Support

Via RHSA-2022:5697 https://access.redhat.com/errata/RHSA-2022:5697

Comment 16 errata-xmlrpc 2022-07-25 15:42:09 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:5696 https://access.redhat.com/errata/RHSA-2022:5696

Comment 17 errata-xmlrpc 2022-07-25 15:52:57 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2022:5700 https://access.redhat.com/errata/RHSA-2022:5700

Comment 18 errata-xmlrpc 2022-07-25 18:17:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2022:5698 https://access.redhat.com/errata/RHSA-2022:5698

Comment 19 errata-xmlrpc 2022-07-25 23:15:35 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:5709 https://access.redhat.com/errata/RHSA-2022:5709

Comment 20 errata-xmlrpc 2022-07-26 18:21:07 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:5726 https://access.redhat.com/errata/RHSA-2022:5726

Comment 21 errata-xmlrpc 2022-07-27 13:20:04 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2022:5736 https://access.redhat.com/errata/RHSA-2022:5736

Comment 22 errata-xmlrpc 2022-07-28 15:32:51 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 8u342

Via RHSA-2022:5753 https://access.redhat.com/errata/RHSA-2022:5753

Comment 23 errata-xmlrpc 2022-07-28 15:33:36 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 8u342

Via RHSA-2022:5754 https://access.redhat.com/errata/RHSA-2022:5754

Comment 24 errata-xmlrpc 2022-07-28 15:40:28 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 11.0.16

Via RHSA-2022:5755 https://access.redhat.com/errata/RHSA-2022:5755

Comment 25 errata-xmlrpc 2022-07-28 15:41:10 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 11.0.16

Via RHSA-2022:5756 https://access.redhat.com/errata/RHSA-2022:5756

Comment 26 errata-xmlrpc 2022-07-28 15:46:38 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 17.0.4

Via RHSA-2022:5757 https://access.redhat.com/errata/RHSA-2022:5757

Comment 27 errata-xmlrpc 2022-07-28 15:47:25 UTC
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 17.0.4

Via RHSA-2022:5758 https://access.redhat.com/errata/RHSA-2022:5758

Comment 30 Product Security DevOps Team 2022-08-30 17:55:51 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-34169


Note You need to log in before you can comment on or make changes to this bug.