Arch Linux Security Advisory ASA-201501-19
=========================================
Severity: Critical
Date    : 2015-01-23
CVE-ID  : CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591
          CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395
          CVE-2015-0400 CVE-2015-0403 CVE-2015-0406 CVE-2015-0407
          CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0413
Package : jre7-openjdk
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
======
The package jre7-openjdk before version 7.u75_2.5.4-1 is vulnerable to
multiple issues including bug not limited to arbitrary code execution,
information disclosure, denial of service, privilege escalation and
man-in-the-middle.

Resolution
=========
Upgrade to 7.u75_2.5.4-1.

# pacman -Syu "jre7-openjdk>=7.u75_2.5.4-1"

The problems have been fixed upstream in version 7.u75.

Workaround
=========
None.

Description
==========
- CVE-2014-3566 (man-in-the-middle)
Nondeterministic CBC padding, which makes it easier for
man-in-the-middle attackers to obtain cleartext data via a
padding-oracle attack, aka the "POODLE" issue.

- CVE-2014-6585 (out-of-bounds read)
Allows remote attackers to affect confidentiality via font parsing
out-of-bounds read related to 2D.

- CVE-2014-6587 (privilege escalation)
MulticastSocket NULL pointer dereference allows local users to affect
confidentiality, integrity, and availability.

- CVE-2014-6591 (out-of-bounds read)
Allows remote attackers to affect confidentiality via font parsing
out-of-bounds read related to 2D.

- CVE-2014-6593 (man-in-the-middle)
Incorrect tracking of ChangeCipherSpec during SSL/TLS handshake allows
remote attackers to affect confidentiality and integrity.

- CVE-2014-6601 (arbitrary code execution)
Class verifier insufficient invokespecial calls verification related to
Hotspot allows remote attackers to affect confidentiality, integrity,
and availability.

- CVE-2015-0383 (denial of service)
Insecure hsperfdata temporary file handling related to Hotspot allows
local users to affect integrity and availability.

- CVE-2015-0395 (arbitrary code execution)
Phantom references handling issue in garbage collector related to
Hotspot allows remote attackers to affect confidentiality, integrity,
and availability.

- CVE-2015-0400 (information disclosure)
Successful unauthenticated network attacks via multiple protocols can
result in unauthorized read access to a subset of Java SE accessible data.

- CVE-2015-0403 (arbitrary code execution)
Successful attack of this vulnerability can result in unauthorized
Operating System takeover including arbitrary code execution.

- CVE-2015-0406 (information disclosure)
Successful unauthenticated network attacks via multiple protocols can
result in unauthorized read access to a subset of accessible data and
ability to cause a partial denial of service.

- CVE-2015-0407 (information disclosure)
Directory information leak via file chooser related to Swing allows
remote attackers to affect confidentiality.

- CVE-2015-0408 (arbitrary code execution)
Incorrect context class loader use in RMI transport allows remote
attackers to affect confidentiality, integrity, and availability.

- CVE-2015-0410 (denial of service)
DER decoder infinite loop allows remote attackers to affect availability.

- CVE-2015-0412 (arbitrary code execution)
Insufficient code privileges checks related to JAX-WS allows remote
attackers to affect confidentiality, integrity, and availability.

- CVE-2015-0413 (unauthorized modification)
Successful attack of this vulnerability can result in unauthorized
update, insert or delete access to some Java SE accessible data.

- CVE-2015-0421 (arbitrary code execution)
Successful attack of this vulnerability can result in unauthorized
Operating System takeover including arbitrary code execution.

- CVE-2015-0437 (arbitrary code execution)
Code generation issue related to Hotspot allows remote attackers to
affect confidentiality, integrity, and availability.

Impact
=====
A remote attacker is able to perform arbitrary code execution,
information disclosure, denial of service, privilege escalation and
man-in-the-middle via various vulnerabilities.

References
=========
https://www.oracle.com/security-alerts/cpujan2015verbose.html
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6585
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6587
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6591
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6593
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6601
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0383
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0395
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0400
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0403
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0406
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0407
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0408
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0410
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0412
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0413

ArchLinux: 201501-19: jre7-openjdk: multiple issues

January 23, 2015

Summary

- CVE-2014-3566 (man-in-the-middle) Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6585 (out-of-bounds read) Allows remote attackers to affect confidentiality via font parsing out-of-bounds read related to 2D.
- CVE-2014-6587 (privilege escalation) MulticastSocket NULL pointer dereference allows local users to affect confidentiality, integrity, and availability.
- CVE-2014-6591 (out-of-bounds read) Allows remote attackers to affect confidentiality via font parsing out-of-bounds read related to 2D.
- CVE-2014-6593 (man-in-the-middle) Incorrect tracking of ChangeCipherSpec during SSL/TLS handshake allows remote attackers to affect confidentiality and integrity.
- CVE-2014-6601 (arbitrary code execution) Class verifier insufficient invokespecial calls verification related to Hotspot allows remote attackers to affect confidentiality, integrity, and availability.
- CVE-2015-0383 (denial of service) Insecure hsperfdata temporary file handling related to Hotspot allows local users to affect integrity and availability.
- CVE-2015-0395 (arbitrary code execution) Phantom references handling issue in garbage collector related to Hotspot allows remote attackers to affect confidentiality, integrity, and availability.
- CVE-2015-0400 (information disclosure) Successful unauthenticated network attacks via multiple protocols can result in unauthorized read access to a subset of Java SE accessible data.
- CVE-2015-0403 (arbitrary code execution) Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
- CVE-2015-0406 (information disclosure) Successful unauthenticated network attacks via multiple protocols can result in unauthorized read access to a subset of accessible data and ability to cause a partial denial of service.
- CVE-2015-0407 (information disclosure) Directory information leak via file chooser related to Swing allows remote attackers to affect confidentiality.
- CVE-2015-0408 (arbitrary code execution) Incorrect context class loader use in RMI transport allows remote attackers to affect confidentiality, integrity, and availability.
- CVE-2015-0410 (denial of service) DER decoder infinite loop allows remote attackers to affect availability.
- CVE-2015-0412 (arbitrary code execution) Insufficient code privileges checks related to JAX-WS allows remote attackers to affect confidentiality, integrity, and availability.
- CVE-2015-0413 (unauthorized modification) Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data.
- CVE-2015-0421 (arbitrary code execution) Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.
- CVE-2015-0437 (arbitrary code execution) Code generation issue related to Hotspot allows remote attackers to affect confidentiality, integrity, and availability.

Resolution

Upgrade to 7.u75_2.5.4-1. # pacman -Syu "jre7-openjdk>=7.u75_2.5.4-1"
The problems have been fixed upstream in version 7.u75.

References

https://www.oracle.com/security-alerts/cpujan2015verbose.html https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6585 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6587 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6591 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6593 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6601 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0383 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0395 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0400 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0403 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0406 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0407 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0408 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0410 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0412 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0413

Severity
CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395
CVE-2015-0400 CVE-2015-0403 CVE-2015-0406 CVE-2015-0407
CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0413
Package : jre7-openjdk
Type : multiple issues
Remote : Yes
Link : https://wiki.archlinux.org/title/CVE

Workaround

None.

Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved