REDHAT-BUG-1242144
First published: Sat Jul 11 2015(Updated: )
It was discovered that GCM (Galois Counter Mode), a mode of operation for symmetric key cryptographic block ciphers, implementation in the Security component of OpenJDK failed to properly perform null check. This could cause crash when application performed encryption using a block cipher in GCM mode. GCM mode is used in several cipher suites defined for TLS 1.2. Affected code was added to OpenJDK version 8, earlier versions 6 and 7 do not contain it and are therefore unaffected.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenJDK | >=8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-1242144?
The severity of REDHAT-BUG-1242144 is classified as critical due to the potential for application crashes during encryption operations.
How do I fix REDHAT-BUG-1242144?
To fix REDHAT-BUG-1242144, update to the latest patched version of OpenJDK that addresses the GCM implementation issue.
Which versions of OpenJDK are affected by REDHAT-BUG-1242144?
OpenJDK versions 8 and higher are affected by REDHAT-BUG-1242144.
What causes the vulnerability REDHAT-BUG-1242144?
The vulnerability REDHAT-BUG-1242144 is caused by the Galois Counter Mode implementation failing to perform necessary null checks.
What is GCM in the context of REDHAT-BUG-1242144?
GCM, or Galois Counter Mode, is a mode of operation for symmetric key cryptographic block ciphers, which is impacted by the vulnerability in REDHAT-BUG-1242144.
- collector/redhat-bugzilla
- alias/CVE-2015-2659
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/openjdk
- canonical/openjdk