Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 25.04 & 24.10: USN-7533-1 Critical: openjdk-17-crac Flaws

ubuntu
Calendar Grey May 26, 2025
Dist Ubuntu Esm H88
Multiple vulnerabilities resolved in openjdk-17-crac impacting Ubuntu 24.10 and 25.04, guaranteeing enhanced protection.
Several security issues were fixed in CRaC JDK 17.

Summary

Several security issues were fixed in CRaC JDK 17.

Software Description:

- openjdk-17-crac: Open Source Java implementation with Coordinated Restore at Checkpoints

Details:

Alicja Kario discovered that the JSSE component of CRaC JDK 17 incorrectly

handled RSA padding. An attacker could possibly use this issue to obtain

sensitive information. (CVE-2025-21587)

It was discovered that the Compiler component of CRaC JDK 17 incorrectly

handled compiler transformations. An attacker could possibly use this

issue to cause a denial of service or execute arbitrary code.

(CVE-2025-30691)

It was discovered that the 2D component of CRaC JDK 17 did not properly

manage memory under certain circumstances. An attacker could possibly use

this issue to cause a denial of service or execute arbitrary code.

(CVE-2025-30698)

In addition to security fixes, the updated packages contain bug fixes,

new features, and possibly incompatible changes.

Please see the following link for more information:

http...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  openjdk-17-crac-jdk             17.0.15+6-0ubuntu1~25.04
  openjdk-17-crac-jdk-headless    17.0.15+6-0ubuntu1~25.04
  openjdk-17-crac-jre             17.0.15+6-0ubuntu1~25.04
  openjdk-17-crac-jre-headless    17.0.15+6-0ubuntu1~25.04
  openjdk-17-crac-jre-zero        17.0.15+6-0ubuntu1~25.04

Ubuntu 24.10
  openjdk-17-crac-jdk             17.0.15+6-0ubuntu1~24.10
  openjdk-17-crac-jdk-headless    17.0.15+6-0ubuntu1~24.10
  openjdk-17-crac-jre             17.0.15+6-0ubuntu1~24.10
  openjdk-17-crac-jre-headless    17.0.15+6-0ubuntu1~24.10
  openjdk-17-crac-jre-zero        17.0.15+6-0ubuntu1~24.10

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart Java
applications to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7533-1

CVE-2025-21587, CVE-2025-30691, CVE-2025-30698

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7533-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here