Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 448
Alerts This Week
Warning Icon 1 448

Ubuntu 14.04 LTS USN-3735-1 Moderate: OpenJDK 7 Memory Consumption DoS

ubuntu
Calendar Grey August 10, 2018
Dist Ubuntu Esm H88
Debian Security Advisory DSA-4683-1 highlights critical vulnerabilities in OpenSSL. Users should apply the latest security patches without delay.
Java applications could be made to use excessive memory.

Summary

Java applications could be made to use excessive memory.

Software Description:

- openjdk-7: Open Source Java implementation

Details:

It was discovered that the PatternSyntaxException class in OpenJDK did

not properly validate arguments passed to it. An attacker could use

this to potentially construct a class that caused a denial of service

(excessive memory consumption).

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
  icedtea-7-jre-jamvm             7u181-2.6.14-0ubuntu0.2
  openjdk-7-jdk                   7u181-2.6.14-0ubuntu0.2
  openjdk-7-jre                   7u181-2.6.14-0ubuntu0.2
  openjdk-7-jre-headless          7u181-2.6.14-0ubuntu0.2
  openjdk-7-jre-lib               7u181-2.6.14-0ubuntu0.2

After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3735-1

CVE-2018-2952

August 10, 2018

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.