Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-3747-2.NASL
HistorySep 13, 2018 - 12:00 a.m.

Ubuntu 18.04 LTS : OpenJDK 10 regression (USN-3747-2)

2018-09-1300:00:00
Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

USN-3747-1 fixed vulnerabilities in OpenJDK 10 for Ubuntu 18.04 LTS.
Unfortunately, that update introduced a regression around accessability support that prevented some Java applications from starting. This update fixes the problem.

We apologize for the inconvenience.

It was discovered that OpenJDK did not properly validate types in some situations. An attacker could use this to construct a Java class that could possibly bypass sandbox restrictions. (CVE-2018-2825, CVE-2018-2826)

It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to potentially construct a class that caused a denial of service (excessive memory consumption). (CVE-2018-2952)

Daniel Bleichenbacher discovered a vulnerability in the Galois/Counter Mode (GCM) mode of operation for symmetric block ciphers in OpenJDK.
An attacker could use this to expose sensitive information.
(CVE-2018-2972).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-3747-2. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('compat.inc');

if (description)
{
  script_id(117479);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/21");

  script_cve_id(
    "CVE-2018-2825",
    "CVE-2018-2826",
    "CVE-2018-2952",
    "CVE-2018-2972"
  );
  script_xref(name:"USN", value:"3747-2");

  script_name(english:"Ubuntu 18.04 LTS : OpenJDK 10 regression (USN-3747-2)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"USN-3747-1 fixed vulnerabilities in OpenJDK 10 for Ubuntu 18.04 LTS.
Unfortunately, that update introduced a regression around
accessability support that prevented some Java applications from
starting. This update fixes the problem.

We apologize for the inconvenience.

It was discovered that OpenJDK did not properly validate types in some
situations. An attacker could use this to construct a Java class that
could possibly bypass sandbox restrictions. (CVE-2018-2825,
CVE-2018-2826)

It was discovered that the PatternSyntaxException class in OpenJDK did
not properly validate arguments passed to it. An attacker could use
this to potentially construct a class that caused a denial of service
(excessive memory consumption). (CVE-2018-2952)

Daniel Bleichenbacher discovered a vulnerability in the Galois/Counter
Mode (GCM) mode of operation for symmetric block ciphers in OpenJDK.
An attacker could use this to expose sensitive information.
(CVE-2018-2972).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-3747-2");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-2826");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/09/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/13");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-11-jdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-11-jdk-headless");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-11-jre");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-11-jre-headless");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-11-jre-zero");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-11-source");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:openjdk-11-demo");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '18.04', 'pkgname': 'openjdk-11-demo', 'pkgver': '10.0.2+13-1ubuntu0.18.04.2'},
    {'osver': '18.04', 'pkgname': 'openjdk-11-jdk', 'pkgver': '10.0.2+13-1ubuntu0.18.04.2'},
    {'osver': '18.04', 'pkgname': 'openjdk-11-jdk-headless', 'pkgver': '10.0.2+13-1ubuntu0.18.04.2'},
    {'osver': '18.04', 'pkgname': 'openjdk-11-jre', 'pkgver': '10.0.2+13-1ubuntu0.18.04.2'},
    {'osver': '18.04', 'pkgname': 'openjdk-11-jre-headless', 'pkgver': '10.0.2+13-1ubuntu0.18.04.2'},
    {'osver': '18.04', 'pkgname': 'openjdk-11-jre-zero', 'pkgver': '10.0.2+13-1ubuntu0.18.04.2'},
    {'osver': '18.04', 'pkgname': 'openjdk-11-source', 'pkgver': '10.0.2+13-1ubuntu0.18.04.2'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openjdk-11-demo / openjdk-11-jdk / openjdk-11-jdk-headless / etc');
}
VendorProductVersionCPE
canonicalubuntu_linuxopenjdk-11-jdkp-cpe:/a:canonical:ubuntu_linux:openjdk-11-jdk
canonicalubuntu_linuxopenjdk-11-jdk-headlessp-cpe:/a:canonical:ubuntu_linux:openjdk-11-jdk-headless
canonicalubuntu_linuxopenjdk-11-jrep-cpe:/a:canonical:ubuntu_linux:openjdk-11-jre
canonicalubuntu_linuxopenjdk-11-jre-headlessp-cpe:/a:canonical:ubuntu_linux:openjdk-11-jre-headless
canonicalubuntu_linuxopenjdk-11-jre-zerop-cpe:/a:canonical:ubuntu_linux:openjdk-11-jre-zero
canonicalubuntu_linuxopenjdk-11-sourcep-cpe:/a:canonical:ubuntu_linux:openjdk-11-source
canonicalubuntu_linux18.04cpe:/o:canonical:ubuntu_linux:18.04:-:lts
canonicalubuntu_linuxopenjdk-11-demop-cpe:/a:canonical:ubuntu_linux:openjdk-11-demo

Related

nessus 68
openvas 37
ubuntu 4
f5 2
ibm 32
suse 4
redhatcve 4
ubuntucve 4
cve 4
prion 4
zdi 2
oraclelinux 4
amazon 4
centos 4
debiancve 1
veracode 1
mageia 1
osv 1
alpinelinux 1
redhat 11
debian 1
kaspersky 2
photon 3
nessus
nessus
Ubuntu 18.04 LTS : OpenJDK 10 vulnerabilities (USN-3747-1)
2018-08-21 00:00:00
openSUSE Security Update : java-11-openjdk (openSUSE-2019-575)
2019-03-27 00:00:00
openSUSE Security Update : java-11-openjdk (openSUSE-2018-830)
2018-08-09 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3747-2)
2018-09-13 00:00:00
Ubuntu: Security Advisory (USN-3747-1)
2018-08-22 00:00:00
Oracle Java SE Security Updates (apr2018-3678067) 02 - Windows
2018-04-18 00:00:00
ubuntu
ubuntu
OpenJDK 10 vulnerabilities
2018-08-21 00:00:00
OpenJDK 10 regression
2018-09-12 00:00:00
OpenJDK 7 vulnerability
2018-08-10 00:00:00
f5
f5
K13655013 : Java vulnerabilities CVE-2018-2825 and CVE-2018-2826
2018-05-08 00:00:00
K000134793 : OpenJDK vulnerability CVE-2018-2952
2023-05-25 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageSight
2018-06-23 05:54:07
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM eDiscovery Analyzer
2019-09-13 10:56:40
Security Bulletin: IBM LMS On Premise - IBM SDK, Java Technology Edition Apr 2018 and Jul 2018 (CVE-2018-2783, CVE-2018-1517 , CVE-2018-2952)
2019-07-25 19:25:02
suse
suse
Security update for java-11-openjdk (moderate)
2018-08-09 00:07:34
Security update for java-10-openjdk (important)
2018-08-06 15:09:29
Security update for java-1_8_0-openjdk (important)
2018-10-06 18:11:53
redhatcve
redhatcve
CVE-2018-2972
2018-07-17 22:09:23
CVE-2018-2826
2018-04-17 21:18:56
CVE-2018-2952
2019-10-10 23:35:05
ubuntucve
ubuntucve
CVE-2018-2972
2018-07-18 00:00:00
CVE-2018-2826
2018-04-18 00:00:00
CVE-2018-2952
2018-07-18 00:00:00
cve
cve
CVE-2018-2972
2018-07-18 13:29:00
CVE-2018-2825
2018-04-19 02:29:00
CVE-2018-2826
2018-04-19 02:29:00
prion
prion
Design/Logic Flaw
2018-07-18 13:29:00
Design/Logic Flaw
2018-04-19 02:29:00
Design/Logic Flaw
2018-04-19 02:29:00
zdi
zdi
Oracle Java MethodHandles tryFinally Type Confusion Sandbox Escape Vulnerability
2018-04-18 00:00:00
Oracle Java MethodHandles setVolatile Type Confusion Sandbox Escape Vulnerability
2018-04-18 00:00:00
oraclelinux
oraclelinux
java-1.8.0-openjdk security update
2018-07-23 00:00:00
java-1.8.0-openjdk security and bug fix update
2018-07-23 00:00:00
java-1.7.0-openjdk security update
2018-07-30 00:00:00
amazon
amazon
Medium: java-1.7.0-openjdk
2018-08-21 21:06:00
Medium: java-1.8.0-openjdk
2018-08-08 18:12:00
Medium: java-1.7.0-openjdk
2018-08-22 18:58:00
centos
centos
java security update
2018-08-09 15:11:54
java security update
2018-07-25 15:44:57
java security update
2018-07-25 16:10:48
debiancve
debiancve
CVE-2018-2952
2018-07-18 13:29:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:24:50
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerability
2018-09-02 22:07:30
osv
osv
openjdk-8 - security update
2018-08-10 00:00:00
alpinelinux
alpinelinux
CVE-2018-2952
2018-07-18 13:29:00
redhat
redhat
(RHSA-2018:2283) Moderate: java-1.7.0-openjdk security update
2018-07-30 13:26:48
(RHSA-2018:2241) Moderate: java-1.8.0-openjdk security update
2018-07-23 13:16:13
(RHSA-2018:2286) Moderate: java-1.7.0-openjdk security update
2018-07-30 13:28:25
debian
debian
[SECURITY] [DSA 4268-1] openjdk-8 security update
2018-08-10 20:36:29
kaspersky
kaspersky
KLA11294 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
2018-07-16 00:00:00
KLA11234 Multiple vulnerabilities in Oracle Java SE, Java SE Embedded and JRockit
2018-04-17 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0130
2018-04-30 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0039
2018-04-27 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0077
2018-07-27 00:00:00
JSON
Related for UBUNTU_USN-3747-2.NASL
nessus68openvas37ubuntu4f52ibm32suse4redhatcve4ubuntucve4cve4prion4zdi2oraclelinux4amazon4centos4debiancve1veracode1mageia1osv1alpinelinux1redhat11debian1kaspersky2photon3