REDHAT-BUG-2297961
First published: Mon Jul 15 2024(Updated: )
A potential UTF8 size overflow vulnerability was found in OpenJDK. Oracle CPU advisory - July 2024: <a href="https://www.oracle.com/security-alerts/cpujul2024.html#AppendixJAVA">https://www.oracle.com/security-alerts/cpujul2024.html#AppendixJAVA</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenJDK 17 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.oracle.com/security-alerts/cpujul2024.html#AppendixJAVA
- https://access.redhat.com/errata/RHSA-2024:4564
- https://access.redhat.com/errata/RHSA-2024:4565
- https://access.redhat.com/errata/RHSA-2024:4569
- https://access.redhat.com/errata/RHSA-2024:4571
- https://access.redhat.com/errata/RHSA-2024:4570
- https://access.redhat.com/errata/RHSA-2024:4572
- https://access.redhat.com/errata/RHSA-2024:4566
- https://access.redhat.com/errata/RHSA-2024:4567
- https://access.redhat.com/errata/RHSA-2024:4573
- https://access.redhat.com/errata/RHSA-2024:4561
- https://access.redhat.com/errata/RHSA-2024:4568
- https://access.redhat.com/errata/RHSA-2024:4563
- https://access.redhat.com/errata/RHSA-2024:4560
- https://access.redhat.com/errata/RHSA-2024:4562
- https://github.com/openjdk/jdk8u/commit/48e19d8467c7cd6f2594093c42f9292df8bf5e96
- https://github.com/openjdk/jdk11u/commit/6fb5b8a3d26acfcfc0c114b13feab5f9a28718e7
- https://github.com/openjdk/jdk17u/commit/c6031dcb1b7f13e253036088222f53083a8cd028
- https://github.com/openjdk/jdk21u/commit/2586c32d2fd9f119432464293998d6b9a43b28ee
- https://bugzilla.redhat.com/show_bug.cgi?id=2297961
Frequently Asked Questions
What is the severity of REDHAT-BUG-2297961?
The severity of REDHAT-BUG-2297961 is categorized as significant due to its potential for UTF8 size overflow in OpenJDK.
How do I fix REDHAT-BUG-2297961?
To fix REDHAT-BUG-2297961, you should update to the latest version of OpenJDK as recommended in the advisory.
What systems are affected by REDHAT-BUG-2297961?
REDHAT-BUG-2297961 affects the OpenJDK 17 version provided by Oracle.
What is the nature of the vulnerability in REDHAT-BUG-2297961?
REDHAT-BUG-2297961 involves a potential UTF8 size overflow vulnerability which could lead to unexpected behavior in applications.
Is there a known exploit for REDHAT-BUG-2297961?
As of now, there is no publicly reported exploit for REDHAT-BUG-2297961, but it is advisable to address the vulnerability promptly.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/description
- agent/event
- agent/references
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-21131
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/oracle
- canonical/openjdk 17