CVE-2024-3933

In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage 1, could allow access to a buffer with an incorrect...

CVE-2024-3933

CVE-2024-3933 affects IBM OpenJ9/OpenJDK builds older than 0.44.0 (and between 0.13.0) on IBM Z with guarded storage, where arraycopy during Concurrent Scavenge GC can permit reading/writing beyond the end of the source/destination, due to a mismatch in System.arrayCopy length handling. The vulne...