Bug 2221647 (CVE-2023-22049) - CVE-2023-22049 OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)
Summary: CVE-2023-22049 OpenJDK: improper handling of slash characters in URI-to-path ...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2023-22049
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2221108 2221109 2221110 2221111 2221112 2221113 2221114 2221115 2221116 2221118 2221119 2221120 2221121 2221122 2221123 2221124 2221125 2221126 2221127 2221128 2221129 2221130 2221131 2221132 2221133 2222049 2222050 2224350 2233132 2233133 2233134
Blocks: 2221090
TreeView+ depends on / blocked
 
Reported: 2023-07-10 13:44 UTC by Mauro Matteo Cascella
Modified: 2024-05-16 11:35 UTC (History)
20 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2023-08-07 15:00:00 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:4157 0 None None None 2023-07-19 17:23:54 UTC
Red Hat Product Errata RHSA-2023:4158 0 None None None 2023-07-20 12:14:01 UTC
Red Hat Product Errata RHSA-2023:4159 0 None None None 2023-07-20 12:17:45 UTC
Red Hat Product Errata RHSA-2023:4161 0 None None None 2023-07-20 12:11:48 UTC
Red Hat Product Errata RHSA-2023:4162 0 None None None 2023-07-19 17:21:55 UTC
Red Hat Product Errata RHSA-2023:4163 0 None None None 2023-07-19 17:24:23 UTC
Red Hat Product Errata RHSA-2023:4164 0 None None None 2023-07-19 17:23:28 UTC
Red Hat Product Errata RHSA-2023:4165 0 None None None 2023-07-19 17:21:40 UTC
Red Hat Product Errata RHSA-2023:4166 0 None None None 2023-07-21 13:57:55 UTC
Red Hat Product Errata RHSA-2023:4167 0 None None None 2023-07-19 17:20:53 UTC
Red Hat Product Errata RHSA-2023:4168 0 None None None 2023-07-19 17:21:04 UTC
Red Hat Product Errata RHSA-2023:4169 0 None None None 2023-07-19 17:24:02 UTC
Red Hat Product Errata RHSA-2023:4170 0 None None None 2023-07-19 17:14:42 UTC
Red Hat Product Errata RHSA-2023:4171 0 None None None 2023-07-19 17:17:53 UTC
Red Hat Product Errata RHSA-2023:4172 0 None None None 2023-07-19 17:24:13 UTC
Red Hat Product Errata RHSA-2023:4173 0 None None None 2023-07-19 17:23:33 UTC
Red Hat Product Errata RHSA-2023:4174 0 None None None 2023-07-19 17:33:59 UTC
Red Hat Product Errata RHSA-2023:4175 0 None None None 2023-07-20 12:17:54 UTC
Red Hat Product Errata RHSA-2023:4176 0 None None None 2023-07-20 12:17:27 UTC
Red Hat Product Errata RHSA-2023:4177 0 None None None 2023-07-20 12:13:56 UTC
Red Hat Product Errata RHSA-2023:4178 0 None None None 2023-07-20 13:04:35 UTC
Red Hat Product Errata RHSA-2023:4208 0 None None None 2023-07-20 12:11:56 UTC
Red Hat Product Errata RHSA-2023:4209 0 None None None 2023-07-20 12:11:38 UTC
Red Hat Product Errata RHSA-2023:4210 0 None None None 2023-07-20 12:12:10 UTC
Red Hat Product Errata RHSA-2023:4211 0 None None None 2023-07-20 12:12:16 UTC
Red Hat Product Errata RHSA-2023:4212 0 None None None 2023-07-20 12:13:48 UTC
Red Hat Product Errata RHSA-2023:4233 0 None None None 2023-07-21 14:01:16 UTC
Red Hat Product Errata RHSA-2023:4876 0 None None None 2023-08-30 13:43:06 UTC
Red Hat Product Errata RHSA-2023:4877 0 None None None 2023-08-30 13:43:53 UTC

Description Mauro Matteo Cascella 2023-07-10 13:44:58 UTC 
It was discovered that the UnixUriUtils class in the Libraries component of OpenJDK failed to sanitize strings containing slash characters when converting URIs to file system paths. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions by creating Path objects with invalid paths.
Comment 4 errata-xmlrpc 2023-07-19 17:14:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:4170 https://access.redhat.com/errata/RHSA-2023:4170
Comment 5 errata-xmlrpc 2023-07-19 17:17:51 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:4171 https://access.redhat.com/errata/RHSA-2023:4171
Comment 6 errata-xmlrpc 2023-07-19 17:20:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:4167 https://access.redhat.com/errata/RHSA-2023:4167
Comment 7 errata-xmlrpc 2023-07-19 17:21:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:4168 https://access.redhat.com/errata/RHSA-2023:4168
Comment 8 errata-xmlrpc 2023-07-19 17:21:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:4165 https://access.redhat.com/errata/RHSA-2023:4165
Comment 9 errata-xmlrpc 2023-07-19 17:21:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:4162 https://access.redhat.com/errata/RHSA-2023:4162
Comment 10 errata-xmlrpc 2023-07-19 17:23:27 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:4164 https://access.redhat.com/errata/RHSA-2023:4164
Comment 11 errata-xmlrpc 2023-07-19 17:23:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:4173 https://access.redhat.com/errata/RHSA-2023:4173
Comment 12 errata-xmlrpc 2023-07-19 17:23:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:4157 https://access.redhat.com/errata/RHSA-2023:4157
Comment 13 errata-xmlrpc 2023-07-19 17:24:01 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:4169 https://access.redhat.com/errata/RHSA-2023:4169
Comment 14 errata-xmlrpc 2023-07-19 17:24:11 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:4172 https://access.redhat.com/errata/RHSA-2023:4172
Comment 15 errata-xmlrpc 2023-07-19 17:24:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2023:4163 https://access.redhat.com/errata/RHSA-2023:4163
Comment 16 errata-xmlrpc 2023-07-19 17:33:57 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:4174 https://access.redhat.com/errata/RHSA-2023:4174
Comment 17 errata-xmlrpc 2023-07-20 12:11:37 UTC 
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 8u382

Via RHSA-2023:4209 https://access.redhat.com/errata/RHSA-2023:4209
Comment 18 errata-xmlrpc 2023-07-20 12:11:46 UTC 
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 11.0.20

Via RHSA-2023:4161 https://access.redhat.com/errata/RHSA-2023:4161
Comment 19 errata-xmlrpc 2023-07-20 12:11:54 UTC 
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 11.0.20

Via RHSA-2023:4208 https://access.redhat.com/errata/RHSA-2023:4208
Comment 20 errata-xmlrpc 2023-07-20 12:12:08 UTC 
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 17.0.8

Via RHSA-2023:4210 https://access.redhat.com/errata/RHSA-2023:4210
Comment 21 errata-xmlrpc 2023-07-20 12:12:14 UTC 
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 17.0.8

Via RHSA-2023:4211 https://access.redhat.com/errata/RHSA-2023:4211
Comment 22 errata-xmlrpc 2023-07-20 12:13:46 UTC 
This issue has been addressed in the following products:

  Red Hat Build of OpenJDK 8u382

Via RHSA-2023:4212 https://access.redhat.com/errata/RHSA-2023:4212
Comment 23 errata-xmlrpc 2023-07-20 12:13:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:4177 https://access.redhat.com/errata/RHSA-2023:4177
Comment 24 errata-xmlrpc 2023-07-20 12:14:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:4158 https://access.redhat.com/errata/RHSA-2023:4158
Comment 25 errata-xmlrpc 2023-07-20 12:17:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:4176 https://access.redhat.com/errata/RHSA-2023:4176
Comment 26 errata-xmlrpc 2023-07-20 12:17:43 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:4159 https://access.redhat.com/errata/RHSA-2023:4159
Comment 27 errata-xmlrpc 2023-07-20 12:17:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:4175 https://access.redhat.com/errata/RHSA-2023:4175
Comment 28 errata-xmlrpc 2023-07-20 13:04:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:4178 https://access.redhat.com/errata/RHSA-2023:4178
Comment 29 errata-xmlrpc 2023-07-21 13:57:53 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:4166 https://access.redhat.com/errata/RHSA-2023:4166
Comment 30 errata-xmlrpc 2023-07-21 14:01:14 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2023:4233 https://access.redhat.com/errata/RHSA-2023:4233
Comment 31 Product Security DevOps Team 2023-08-07 14:59:57 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-22049
Comment 32 Mauro Matteo Cascella 2023-08-11 10:13:10 UTC 
OpenJDK-8 upstream commit:
https://github.com/openjdk/jdk8u/commit/50e903b61fadc20fc297aff2cc2295c35be0edde

OpenJDK-11 upstream commit:
https://github.com/openjdk/jdk11u/commit/18939b76259456e85cfa051dc595e57242ca4ef8

OpenJDK-17 upstream commit:
https://github.com/openjdk/jdk17u/commit/bc9d9c0e705cfc27f34383e68bd3b42cd8557a7b
Comment 33 Mauro Matteo Cascella 2023-08-11 13:09:08 UTC 
Oracle CPU July 2023:

https://www.oracle.com/security-alerts/cpujul2023.html#AppendixJAVA

Fixed in Oracle Java SE 8u381, 11.0.20, 17.0.8, 20.0.2.

Release notes:
https://www.oracle.com/java/technologies/javase/8u381-relnotes.html
https://www.oracle.com/java/technologies/javase/11-0-20-relnotes.html
https://www.oracle.com/java/technologies/javase/17-0-8-relnotes.html
https://www.oracle.com/java/technologies/javase/20-0-2-relnotes.html
Comment 42 errata-xmlrpc 2023-08-30 13:43:04 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Supplementary

Via RHSA-2023:4876 https://access.redhat.com/errata/RHSA-2023:4876
Comment 43 errata-xmlrpc 2023-08-30 13:43:51 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:4877 https://access.redhat.com/errata/RHSA-2023:4877
Note You need to log in before you can comment on or make changes to this bug.