CVE-2022-40433

2023-08-2200:00:00

ubuntu.com

cve-2022-40433

oracle jdk

openjdk

denial of service

defense in depth

hotspot vm

5.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

DISPUTED An issue was discovered in function
ciMethodBlocks::make_block_at in Oracle JDK (HotSpot VM) 11, 17 and OpenJDK
(HotSpot VM) 8, 11, 17, allows attackers to cause a denial of service.
Note: Vendor states that this to is Defense in Depth at most due to the
nature of the issue and the special circumstances required (server must be
running particular code locally, code compiled with an old, old version of
javac, etc.).

OSVersionArchitecturePackageVersionFilename
ubuntuupstreamnoarchopenjdk< anyUNKNOWN
ubuntu18.04noarchopenjdk-8< 8u392-ga-1~18.04UNKNOWN
ubuntu20.04noarchopenjdk-8< 8u392-ga-1~20.04UNKNOWN
ubuntu22.04noarchopenjdk-8< 8u392-ga-1~22.04UNKNOWN
ubuntuupstreamnoarchopenjdk-8< anyUNKNOWN
ubuntuupstreamnoarchopenjdk-8< 8u392-ga-1~23.04UNKNOWN
ubuntuupstreamnoarchopenjdk-8< 8u392-ga-1~23.10UNKNOWN
ubuntu16.04noarchopenjdk-8< 8u392-ga-1~16.04)available with ubuntu pro or ubuntu pro (infra-onlyUNKNOWN
ubuntuupstreamnoarchopenjdk-9< anyUNKNOWN
ubuntu18.04noarchopenjdk-lts< 11.0.17+8-1ubuntu2~18.04UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	upstream	noarch	openjdk	< any	UNKNOWN
ubuntu	18.04	noarch	openjdk-8	< 8u392-ga-1~18.04	UNKNOWN
ubuntu	20.04	noarch	openjdk-8	< 8u392-ga-1~20.04	UNKNOWN
ubuntu	22.04	noarch	openjdk-8	< 8u392-ga-1~22.04	UNKNOWN
ubuntu	upstream	noarch	openjdk-8	< any	UNKNOWN
ubuntu	upstream	noarch	openjdk-8	< 8u392-ga-1~23.04	UNKNOWN
ubuntu	upstream	noarch	openjdk-8	< 8u392-ga-1~23.10	UNKNOWN
ubuntu	16.04	noarch	openjdk-8	< 8u392-ga-1~16.04)available with ubuntu pro or ubuntu pro (infra-only	UNKNOWN
ubuntu	upstream	noarch	openjdk-9	< any	UNKNOWN
ubuntu	18.04	noarch	openjdk-lts	< 11.0.17+8-1ubuntu2~18.04	UNKNOWN