Moderate: Red Hat Security Advisory: OpenJDK 17.0.14 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

Moderate: Red Hat Security Advisory: java-17-openjdk security update for RHEL 8.6, 8.8, 8.10, 9.4 and 9.5

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 8, Red Hat Enterprise...

openjdk: Enhance array handling (Oracle CPU 2025-01)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be...

Moderate: Red Hat Security Advisory: java-17-openjdk security update for RHEL 8.4

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this...

openjdk: Enhance array handling (Oracle CPU 2025-01)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be...

openjdk: Enhance array handling (Oracle CPU 2025-01)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be...

Moderate: Red Hat Security Advisory: java-17-openjdk security update for RHEL 9.0 and 9.2

An update for java-17-openjdk is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions and Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System...

openjdk: Enhance array handling (Oracle CPU 2025-01)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to Oracle Java SE accessible. This vulnerability can be...

Moderate: Red Hat Security Advisory: java-11-openjdk ELS security update

An update for java-11-openjdk with Extended Lifecycle Support is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Red Hat Enterprise Linux 9. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit...

SUSE CVE-2024-57934

In the Linux kernel, the following vulnerability has been resolved: fgraph: Add READONCE when accessing fgrapharray In ftracereturntohandler, a loop iterates over the fgrapharray elements, which are fgraphops. The loop checks if an element is a fgraphstub to prevent using a fgraphstub afterward...

ALSA-2025:0422 Moderate: java-17-openjdk security update for AlmaLinux 8.6, 8.8, 8.10, 9.4 and 9.5

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance array handling CVE-2025-21502 Bug Fixes: The AlmaLinux OpenJDK packages rely on the copy-jdk-configs package to transfer configuration files ...

Moderate: java-17-openjdk security update for AlmaLinux 8.6, 8.8, 8.10, 9.4 and 9.5

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance array handling CVE-2025-21502 Bug Fixes: The AlmaLinux OpenJDK packages rely on the copy-jdk-configs package to transfer configuration files ...

Moderate: java-21-openjdk security update for AlmaLinux 8.10, 9.4 and 9.5

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Enhance array handling CVE-2025-21502 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

DEBIAN-CVE-2024-57934

In the Linux kernel, the following vulnerability has been resolved: fgraph: Add READONCE when accessing fgrapharray In ftracereturntohandler, a loop iterates over the fgrapharray elements, which are fgraphops. The loop checks if an element is a fgraphstub to prevent using a fgraphstub afterward...

DEBIAN-CVE-2024-57930

In the Linux kernel, the following vulnerability has been resolved: tracing: Have processstring also allow arrays In order to catch a common bug where a TRACEEVENT TPfastassign assigns an address of an allocated string to the ring buffer and then references it in TPprintk, which can be executed...

UBUNTU-CVE-2024-57934

In the Linux kernel, the following vulnerability has been resolved: fgraph: Add READONCE when accessing fgrapharray In ftracereturntohandler, a loop iterates over the fgrapharray elements, which are fgraphops. The loop checks if an element is a fgraphstub to prevent using a fgraphstub afterward...

UBUNTU-CVE-2024-57930

In the Linux kernel, the following vulnerability has been resolved: tracing: Have processstring also allow arrays In order to catch a common bug where a TRACEEVENT TPfastassign assigns an address of an allocated string to the ring buffer and then references it in TPprintk, which can be executed...

CVE-2024-57934

The CVE-2024-57934 entry concerns a race in Linux kernel fgraph handling where fgraph_array[] access can race with updates to a fgraph_stub, potentially triggering a NULL pointer dereference. The fixed patch adds READ_ONCE() protection when accessing fgraph_array[] to ensure consistency between t...

CVE-2024-57934 fgraph: Add READ_ONCE() when accessing fgraph_array[]

In the Linux kernel, the following vulnerability has been resolved: fgraph: Add READONCE when accessing fgrapharray In ftracereturntohandler, a loop iterates over the fgrapharray elements, which are fgraphops. The loop checks if an element is a fgraphstub to prevent using a fgraphstub afterward...

CVE-2024-57934 fgraph: Add READ_ONCE() when accessing fgraph_array[]

In the Linux kernel, the following vulnerability has been resolved: fgraph: Add READONCE when accessing fgrapharray In ftracereturntohandler, a loop iterates over the fgrapharray elements, which are fgraphops. The loop checks if an element is a fgraphstub to prevent using a fgraphstub afterward...