REDHAT-BUG-2275005
First published: Sun Apr 14 2024(Updated: )
A flaw was found in the C2 compiler in the Hotspot component of OpenJDK. C2 compilation fails with "Exceeded _node_regs array" due to an improper size validation and out-of-bounds array access, potentially resulting in a corruption of the JVM memory. Upstream OpenJDK issue: <a href="https://bugs.openjdk.org/browse/JDK-8317507">https://bugs.openjdk.org/browse/JDK-8317507</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Build of OpenJDK with Hotspot |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugs.openjdk.org/browse/JDK-8317507
- https://access.redhat.com/errata/RHSA-2024:1817
- https://access.redhat.com/errata/RHSA-2024:1816
- https://access.redhat.com/errata/RHSA-2024:1815
- https://access.redhat.com/errata/RHSA-2024:1820
- https://access.redhat.com/errata/RHSA-2024:1824
- https://access.redhat.com/errata/RHSA-2024:1823
- https://access.redhat.com/errata/RHSA-2024:1825
- https://access.redhat.com/errata/RHSA-2024:1818
- https://access.redhat.com/errata/RHSA-2024:1819
- https://access.redhat.com/errata/RHSA-2024:1821
- https://access.redhat.com/errata/RHSA-2024:1822
- https://github.com/openjdk/jdk/commit/a5818972c16bd883d768ff2fb23a8aa9e0142c65
- https://github.com/openjdk/jdk17u/commit/5ed19267f63e0dde4f8ea41f4832237b980b3480
- https://github.com/openjdk/jdk11u/commit/c6b1d04179afe49071cd2bc4d29ec90d26124867
- https://github.com/openjdk/jdk8u/commit/43cb87550865a93c559c9e8eaa59fcb071301bd3
- https://www.oracle.com/security-alerts/cpuapr2024.html#AppendixJAVA
- https://www.oracle.com/java/technologies/javase/8u411-relnotes.html
- https://www.oracle.com/java/technologies/javase/8u411-perf-relnotes.html
- https://www.oracle.com/java/technologies/javase/11-0-23-relnotes.html
- https://www.oracle.com/java/technologies/javase/17-0-11-relnotes.html
- https://www.oracle.com/java/technologies/javase/21-0-3-relnotes.html
- https://bugzilla.redhat.com/show_bug.cgi?id=2275005
Frequently Asked Questions
What is the severity of REDHAT-BUG-2275005?
The severity of REDHAT-BUG-2275005 is classified as critical due to potential memory corruption in the JVM.
How do I fix REDHAT-BUG-2275005?
To fix REDHAT-BUG-2275005, apply the latest patch provided by Red Hat for the affected OpenJDK version.
What versions of OpenJDK are affected by REDHAT-BUG-2275005?
REDHAT-BUG-2275005 affects versions of the OpenJDK Hotspot component that utilize the C2 compiler.
What kind of vulnerability is REDHAT-BUG-2275005?
REDHAT-BUG-2275005 is a memory corruption vulnerability caused by improper size validation in the C2 compiler.
How can REDHAT-BUG-2275005 impact my system?
If exploited, REDHAT-BUG-2275005 can lead to system instability and potential unauthorized access due to JVM memory corruption.
- agent/severity
- agent/first-publish-date
- agent/event
- agent/type
- agent/description
- agent/references
- agent/source
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-21094
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/openjdk
- canonical/microsoft build of openjdk with hotspot