Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2022:14876-1 Moderate: Java-1_7_1-Ibm Memory and Access Fixes

suse
Calendar Grey January 18, 2022
Dist Suse Esm H88
Explore the latest SUSE patch for java-1_7_1-oracle which addresses 12 critical issues, including memory leaks and access violations in methods.
An update that solves 12 vulnerabilities and has two fixes is now available

Summary

This update for java-1_7_1-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 5 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. (bsc#1194198, bsc#1192052) - CVE-2021-35586: Excessive memory allocation in BMPImageReader. (bsc#1191914) - CVE-2021-35564: Certificates with end dates too far in the future can corrupt keystore. (bsc#1191913) - CVE-2021-35559: Excessive memory allocation in RTFReader. (bsc#1191911) - CVE-2021-35556: Excessive memory allocation in RTFParser. (bsc#1191910) - CVE-2021-35565: Loop in HttpsServer triggered during TLS session close. (bsc#1191909) - CVE-2021-35588: Incomplete validation of inner class references in

Topics%20covered

Topics Covered

security advisory moderate security update suse memory allocation java security access issues

References

#1185055 #1188564 #1188565 #1188566 #1188568

#1191905 #1191909 #1191910 #1191911 #1191913

#1191914 #1192052 #1194198 #1194232

Cross- CVE-2021-2163 CVE-2021-2341 CVE-2021-2369

CVE-2021-2388 CVE-2021-2432 CVE-2021-35556

CVE-2021-35559 CVE-2021-35564 CVE-2021-35565

CVE-2021-35586 CVE-2021-35588 CVE-2021-41035

CVSS scores:

CVE-2021-2163 (NVD) : 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

CVE-2021-2163 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

CVE-2021-2341 (NVD) : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CVE-2021-2341 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CVE-2021-2369 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CVE-2021-2369 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Announcement ID: SUSE-SU-2022:14876-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate security update suse memory allocation java security access issues

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here