First published: Thu Jun 27 2024(Updated: )
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.<br>Security Fix(es):<br><li> IBM JDK: Object Request Broker (ORB) denial of service (CVE-2023-38264)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/java | <1.8.0-ibm-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-demo-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-demo-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-devel-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-devel-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-jdbc-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-jdbc-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-plugin-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-plugin-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-src-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-src-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-demo-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-demo-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-devel-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-devel-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-jdbc-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-jdbc-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-src-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-src-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-plugin-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-plugin-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-demo-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-demo-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-devel-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-devel-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-jdbc-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-jdbc-1.8.0.8.25-1jpp.1.el7 |
redhat/java | <1.8.0-ibm-src-1.8.0.8.25-1jpp.1.el7 | 1.8.0-ibm-src-1.8.0.8.25-1jpp.1.el7 |
Red Hat Enterprise Linux Server for IBM z Systems | ||
Red Hat Enterprise Linux for Scientific Computing | ||
Red Hat Enterprise Linux for Power, big endian | ||
Red Hat Enterprise Linux | ||
Red Hat Enterprise Linux Workstation Supplementary | ||
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | ||
Red Hat Enterprise Linux 8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of RHSA-2024:4160 is classified as moderate due to the Object Request Broker (ORB) denial of service vulnerability.
You can fix RHSA-2024:4160 by updating to the recommended Java packages, specifically version 1.8.0-ibm-1.8.0.8.25-1jpp.1.el7 or higher.
RHSA-2024:4160 affects multiple versions of Red Hat Enterprise Linux, including those for IBM z Systems, Scientific Computing, Power, and Workstation.
CVE-2023-38264 refers to the specific denial of service vulnerability in the IBM JDK that is addressed in RHSA-2024:4160.
While not mandatory, it is highly recommended to upgrade to secure your system against the vulnerabilities outlined in RHSA-2024:4160.