SUSE: 2024:0321-3 High Alert: Security Update for Java-8-OpenJDK

suse

February 2, 2024

* bsc#1218903 * bsc#1218905 * bsc#1218906 * bsc#1218907 * bsc#1218909

Summary

## This update for java-11-openjdk fixes the following issues: Updated to version 11.0.22 (January 2024 CPU): * CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check (bsc#1218907). * CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier (bsc#1218903). * CVE-2024-20921: Fixed an incorrect optimization in the Hotspot JVM that could lead to corruption of JVM memory (bsc#1218905). * CVE-2024-20926: Fixed arbitrary Java code execution in Nashorn (bsc#1218906). * CVE-2024-20945: Fixed a potential private key leak through debug logs (bsc#1218909). * CVE-2024-20952: Fixed an RSA padding issue and timing side-channel attack against TLS (bsc#1218911). Find the full release notes at:

Topics Covered

security advisory buffer overflow critical memory corruption SUSE sandbox bypass java-11-openjdk

References

* bsc#1218903

* bsc#1218905

* bsc#1218906

* bsc#1218907

* bsc#1218909

* bsc#1218911

Cross-

* CVE-2024-20918

* CVE-2024-20919

* CVE-2024-20921

* CVE-2024-20926

* CVE-2024-20945

* CVE-2024-20952

CVSS scores:

* CVE-2024-20918 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

* CVE-2024-20919 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

* CVE-2024-20921 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-20926 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-20945 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-20952 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* Basesystem Module 15-SP5

* openSUSE Leap 15.5

* SUSE CaaS Platform 4.0

* SUSE Enterprise Storage 7.1

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2024:0321-1

Rating: important

Topics Covered

security advisory buffer overflow critical memory corruption SUSE sandbox bypass java-11-openjdk

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2024:0321-3 High Alert: Security Update for Java-8-OpenJDK

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2024:0321-3 High Alert: Security Update for Java-8-OpenJDK

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!