An out-of-bounds access vulnerability was found in OpenJDK's 2D image handling. Oracle CPU advisory - July 2024: https://www.oracle.com/security-alerts/cpujul2024.html#AppendixJAVA
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2024:4564 https://access.redhat.com/errata/RHSA-2024:4564
This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.24 Via RHSA-2024:4565 https://access.redhat.com/errata/RHSA-2024:4565
This issue has been addressed in the following products: Red Hat Build of OpenJDK 17.0.12 Via RHSA-2024:4569 https://access.redhat.com/errata/RHSA-2024:4569
This issue has been addressed in the following products: Red Hat Build of OpenJDK 21.0.4 Via RHSA-2024:4571 https://access.redhat.com/errata/RHSA-2024:4571
This issue has been addressed in the following products: Red Hat Build of OpenJDK 17.0.12 Via RHSA-2024:4570 https://access.redhat.com/errata/RHSA-2024:4570
This issue has been addressed in the following products: Red Hat Build of OpenJDK 21.0.4 Via RHSA-2024:4572 https://access.redhat.com/errata/RHSA-2024:4572
This issue has been addressed in the following products: Red Hat Build of OpenJDK 11.0.24 Via RHSA-2024:4566 https://access.redhat.com/errata/RHSA-2024:4566
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:4567 https://access.redhat.com/errata/RHSA-2024:4567
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 Via RHSA-2024:4573 https://access.redhat.com/errata/RHSA-2024:4573
This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u422 Via RHSA-2024:4561 https://access.redhat.com/errata/RHSA-2024:4561
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:4568 https://access.redhat.com/errata/RHSA-2024:4568
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.8 Extended Update Support Red Hat Enterprise Linux 9.2 Extended Update Support Red Hat Enterprise Linux 9 Via RHSA-2024:4563 https://access.redhat.com/errata/RHSA-2024:4563
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2024:4560 https://access.redhat.com/errata/RHSA-2024:4560
This issue has been addressed in the following products: Red Hat Build of OpenJDK 8u422 Via RHSA-2024:4562 https://access.redhat.com/errata/RHSA-2024:4562
OpenJDK-8 upstream commit: https://github.com/openjdk/jdk8u/commit/dfbb2cfbc4887184487206224f0503a7ccd2b3f6 OpenJDK-11 upstream commit: https://github.com/openjdk/jdk11u/commit/3d25b4a34aced8fa14a28d8c45fde6fb61a070c0 OpenJDK-17 upstream commit: https://github.com/openjdk/jdk17u/commit/b2a810a406d5726035db3bac90aba482360aad37 OpenJDK-21 upstream commit: https://github.com/openjdk/jdk21u/commit/23b87539d8b2418c194a823f247b72ca899cd544