Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 443
Alerts This Week
Warning Icon 1 443

Ubuntu 16.04 LTS USN-3734-1 Critical: OpenJDK 8 DoS Memory Issue

ubuntu
Calendar Grey August 10, 2018
Dist Ubuntu Esm H88
A significant flaw in OpenJDK on Ubuntu 16.04 might result in high memory consumption, potentially triggering a denial of service scenario.
Java applications could be made to use excessive memory.

Summary

Java applications could be made to use excessive memory.

Software Description:

- openjdk-8: Open Source Java implementation

Details:

It was discovered that the PatternSyntaxException class in OpenJDK

did not properly validate arguments passed to it. An attacker could

use this to possibly construct a class that caused a denial of service

(excessive memory consumption).

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  openjdk-8-jdk                   8u181-b13-0ubuntu0.16.04.1
  openjdk-8-jre                   8u181-b13-0ubuntu0.16.04.1
  openjdk-8-jre-headless          8u181-b13-0ubuntu0.16.04.1
  openjdk-8-jre-jamvm             8u181-b13-0ubuntu0.16.04.1

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3734-1

CVE-2018-2952

Severity
critical
Lowest
Low
Medium
High
Critical

August 10, 2018

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.