SUSE: 2018:3082-1 Moderate: Java-1_8_0-IBM Partial DoS Risk
suse
October 9, 2018
An update that fixes 10 vulnerabilities is now available
Summary
This update for java-1_8_0-ibm to 8.0.5.20 fixes the following issues: - CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit (bsc#1104668). - CVE-2018-2940: Vulnerability in subcomponent: Libraries. Easily exploitable vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than
References
#1104668
Cross- CVE-2016-0705 CVE-2017-3732 CVE-2017-3736
CVE-2018-12539 CVE-2018-1517 CVE-2018-1656
CVE-2018-2940 CVE-2018-2952 CVE-2018-2964
CVE-2018-2973
Affected Products:
SUSE Linux Enterprise Module for Legacy Software 15
https://www.suse.com/security/cve/CVE-2016-0705.html
https://www.suse.com/security/cve/CVE-2017-3732.html
https://www.suse.com/security/cve/CVE-2017-3736.html
https://www.suse.com/security/cve/CVE-2018-12539.html
https://www.suse.com/security/cve/CVE-2018-1517.html
https://www.suse.com/security/cve/CVE-2018-1656.html
https://www.suse.com/security/cve/CVE-2018-2940.html
https://www.suse.com/security/cve/CVE-2018-2952.html
https://www.suse.com/security/cve/CVE-2018-2964.html
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2018:3082-1
Rating: moderate
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!