Ubuntu 24.10: USN-7339-1 critical: openjdk-21-crac DoS and info exposure

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 Summary: Several security issues were fixed in CRaC JDK 21. Software Description: - openjdk-21-crac: Open Source Java implementation with Coordinated Restore at Checkpoints Details: Andy Boothe discovered that the Networking component of CRaC JDK 21 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. (CVE-2024-21208) It was discovered that the Hotspot component of CRaC JDK 21 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information. (CVE-2024-21210, CVE-2024-21235) It was discovered that the Serialization component of CRaC JDK 21 did not properly handle deserialization under certain circumstances. An unauthenticated attacker could poss...