Mageia 9 MGASA-2024-0056 Moderate: OpenJDK Memory Corruption Issues
mageia
March 13, 2024
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit
Summary
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime
Environment and the OpenJDK 17 Java Software Development Kit.
Security Fix(es):
OpenJDK: memory corruption issue on x86_64 with AVX-512 (8317121)
(CVE-2023-22025)
OpenJDK: certificate path validation issue during client authentication
(8309966) (CVE-2023-22081)
For more details about the security issue(s), including the impact, a
CVSS score, acknowledgments, and other related information, refer to the
CVE page(s) listed in the References section.
References
- https://bugs.mageia.org/show_bug.cgi?id=32545
- https://access.redhat.com/errata/RHSA-2023:5752
- https://www.oracle.com/security-alerts/cpuoct2023.html#AppendixJAVA
- https://www.cve.org/CVERecord?id=CVE-2023-22081
- https://www.cve.org/CVERecord?id=CVE-2023-22025
- https://www.cve.org/CVERecord?id=CVE-2024-20932
- https://www.cve.org/CVERecord?id=CVE-2024-20918
- https://www.cve.org/CVERecord?id=CVE-2024-20952
- https://www.cve.org/CVERecord?id=CVE-2024-20919
- https://www.cve.org/CVERecord?id=CVE-2024-20921
- https://www.cve.org/CVERecord?id=CVE-2024-20945
Topics Covered
Resolution
SRPMS
- 9/core/java-17-openjdk-17.0.10.0.7-1.mga9
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 13 Mar 2024
URL: https://advisories.mageia.org/MGASA-2024-0056.html
Type: security
CVE: CVE-2023-22081,
CVE-2023-22025,
CVE-2024-20932,
CVE-2024-20918,
CVE-2024-20952,
CVE-2024-20919,
CVE-2024-20921,
CVE-2024-20945
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!