SUSE 15 SP7 Security Advisory 2025:01525-1: Java DoS Threats Fixed
suse
June 5, 2025
* bsc#1241274 * bsc#1241275 * bsc#1241276 Cross-References:
Summary
## This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u452 (icedtea-3.35.0) Security issues fixed: * CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. (bsc#1241274) * CVE-2025-30691: unauthorized update, insert or delete access to a subset of Oracle Java SE data through the Compiler component. (bsc#1241275) * CVE-2025-30698: unauthorized access to Oracle Java SE data and unauthorized ability to cause partial DoS through the 2D component. (bsc#1241276) Non-security issues fixed: * JDK-8212096: javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java failed intermittently due to SSLException: Tag mismatch. * JDK-8261020: wrong format parameter in create_emergency_chunk_path.
References
* bsc#1241274
* bsc#1241275
* bsc#1241276
Cross-
* CVE-2025-21587
* CVE-2025-30691
* CVE-2025-30698
CVSS scores:
* CVE-2025-21587 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2025-21587 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-21587 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-30691 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-30691 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-30691 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-30698 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2025:01525-1
Release Date: 2025-06-05T07:48:33Z
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!