REDHAT-BUG-2243627
First published: Thu Oct 12 2023(Updated: )
A flaw was found in the PKIX certification path validation algorithm in the JSSE component of OpenJDK. A malicious remote client could use this flaw to craft a X.509 certificate and cause denial of service in a Java application processing such certificate.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenJDK 17 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2023:5742
- https://access.redhat.com/errata/RHSA-2023:5739
- https://access.redhat.com/errata/RHSA-2023:5741
- https://access.redhat.com/errata/RHSA-2023:5743
- https://access.redhat.com/errata/RHSA-2023:5747
- https://access.redhat.com/errata/RHSA-2023:5740
- https://access.redhat.com/errata/RHSA-2023:5750
- https://access.redhat.com/errata/RHSA-2023:5752
- https://access.redhat.com/errata/RHSA-2023:5737
- https://access.redhat.com/errata/RHSA-2023:5753
- https://access.redhat.com/errata/RHSA-2023:5744
- https://access.redhat.com/errata/RHSA-2023:5746
- https://access.redhat.com/errata/RHSA-2023:5734
- https://access.redhat.com/errata/RHSA-2023:5735
- https://access.redhat.com/errata/RHSA-2023:5745
- https://access.redhat.com/errata/RHSA-2023:5726
- https://access.redhat.com/errata/RHSA-2023:5725
- https://access.redhat.com/errata/RHSA-2023:5736
- https://access.redhat.com/errata/RHSA-2023:5751
- https://access.redhat.com/errata/RHSA-2023:5761
- https://access.redhat.com/errata/RHSA-2023:5731
- https://access.redhat.com/errata/RHSA-2023:5732
- https://access.redhat.com/errata/RHSA-2023:5727
- https://access.redhat.com/errata/RHSA-2023:5728
- https://access.redhat.com/errata/RHSA-2023:5729
- https://access.redhat.com/errata/RHSA-2023:5733
- https://access.redhat.com/errata/RHSA-2023:5730
- https://github.com/openjdk/jdk8u/commit/32ec85f1ee2c9d1cc5109d4c4678d2aadf6dbf09
- https://github.com/openjdk/jdk11u/commit/e60621f7f8ade409bc01f84d2be08afc1ccfc2bb
- https://github.com/openjdk/jdk17u/commit/3a391232c8aa4fdf54d73ec725bdb4b4e9192bb5
- https://www.oracle.com/security-alerts/cpuoct2023.html#AppendixJAVA
- https://www.oracle.com/java/technologies/javase/8u391-relnotes.html
- https://www.oracle.com/java/technologies/javase/8u391-perf-relnotes.html
- https://www.oracle.com/java/technologies/javase/11-0-21-relnotes.html
- https://www.oracle.com/java/technologies/javase/17-0-9-relnotes.html
- https://www.oracle.com/java/technologies/javase/21-0-1-relnotes.html
- https://access.redhat.com/errata/RHSA-2023:6738
- https://access.redhat.com/errata/RHSA-2023:6887
- https://access.redhat.com/errata/RHSA-2024:0866
- https://access.redhat.com/errata/RHSA-2024:0879
- https://bugzilla.redhat.com/show_bug.cgi?id=2243627
Frequently Asked Questions
What is the severity of REDHAT-BUG-2243627?
The severity of REDHAT-BUG-2243627 is considered critical due to the potential for denial of service.
How do I fix REDHAT-BUG-2243627?
To fix REDHAT-BUG-2243627, you should update to the latest version of OpenJDK provided by Oracle that addresses this vulnerability.
What products are affected by REDHAT-BUG-2243627?
REDHAT-BUG-2243627 affects OpenJDK 17 from Oracle.
What kind of attack does REDHAT-BUG-2243627 enable?
REDHAT-BUG-2243627 enables a remote denial of service attack through crafted X.509 certificates.
When was REDHAT-BUG-2243627 reported?
REDHAT-BUG-2243627 was reported as a flaw in the JSSE component of OpenJDK.
- agent/type
- agent/first-publish-date
- agent/severity
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-22081
- agent/last-modified-date
- agent/references
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/oracle
- canonical/openjdk 17