What is the severity of RHSA-2022:0968?

The severity of RHSA-2022:0968 is considered moderate due to the potential for weak ciphers to be favored over stronger ones in TLS connections.

How do I fix RHSA-2022:0968?

To fix RHSA-2022:0968, update your IBM Java SE to version 8 SR7-FP5 as recommended in the advisory.

What versions of Java are affected by RHSA-2022:0968?

RHSA-2022:0968 affects several versions of IBM Java SE 8, specifically versions prior to 1.8.0-ibm-1.8.0.7.5-1jpp.1.el7.

What are the risks of not addressing RHSA-2022:0968?

Not addressing RHSA-2022:0968 could expose applications using IBM Java SE to vulnerabilities related to weak TLS ciphers, increasing the risk of security breaches.

Is there any impact on application performance with the fix for RHSA-2022:0968?

Generally, applying the fix for RHSA-2022:0968 should enhance security without negatively impacting application performance.

Vulnerability/
RHSA-2022:0968

CWE

190

21/3/2022

RHSA-2022:0968: Moderate: java-1.8.0-ibm security update

First published: Mon Mar 21 2022(Updated: )

IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.<br>This update upgrades IBM Java SE 8 to version 8 SR7-FP5.<br>Security Fix(es):<br><li> OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210) (CVE-2021-35550)</li> <li> OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248)</li> <li> OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293)</li> <li> OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294)</li> <li> OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340)</li> <li> OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341)</li> <li> OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360)</li> <li> OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365)</li> <li> OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618) (CVE-2021-35603)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2022:0968?
The severity of RHSA-2022:0968 is considered moderate due to the potential for weak ciphers to be favored over stronger ones in TLS connections.
How do I fix RHSA-2022:0968?
To fix RHSA-2022:0968, update your IBM Java SE to version 8 SR7-FP5 as recommended in the advisory.
What versions of Java are affected by RHSA-2022:0968?
RHSA-2022:0968 affects several versions of IBM Java SE 8, specifically versions prior to 1.8.0-ibm-1.8.0.7.5-1jpp.1.el7.
What are the risks of not addressing RHSA-2022:0968?
Not addressing RHSA-2022:0968 could expose applications using IBM Java SE to vulnerabilities related to weak TLS ciphers, increasing the risk of security breaches.
Is there any impact on application performance with the fix for RHSA-2022:0968?
Generally, applying the fix for RHSA-2022:0968 should enhance security without negatively impacting application performance.

agent/severity
agent/type
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2022:0968
agent/software-canonical-lookup
agent/remedy
agent/title
agent/weakness
agent/references
agent/description
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat