vulnerability

Alma Linux: CVE-2022-40433: Moderate: java-1.8.0-openjdk security update (Multiple Advisories)

Severity
6
CVSS
(AV:N/AC:L/Au:M/C:N/I:N/A:C)
Published
Aug 22, 2023
Added
Oct 23, 2023
Modified
Jan 28, 2025

Description

** DISPUTED ** An issue was discovered in function ciMethodBlocks::make_block_at in Oracle JDK (HotSpot VM) 11, 17 and OpenJDK (HotSpot VM) 8, 11, 17, allows attackers to cause a denial of service. Note: Vendor states that this to is Defense in Depth at most due to the nature of the issue and the special circumstances required (server must be running particular code locally, code compiled with an old, old version of javac, etc.).
A vulnerability was found in OpenJDK. This issue occurs in the ciMethodBlocks::make_block_at function in OpenJDK (HotSpot VM) 8 (11 and 17 are fixed starting from 11.0.17 and 17.0.5 respectively), and may allow an attacker to cause a denial of service.

Solution(s)

alma-upgrade-java-1.8.0-openjdkalma-upgrade-java-1.8.0-openjdk-accessibilityalma-upgrade-java-1.8.0-openjdk-accessibility-fastdebugalma-upgrade-java-1.8.0-openjdk-accessibility-slowdebugalma-upgrade-java-1.8.0-openjdk-demoalma-upgrade-java-1.8.0-openjdk-demo-fastdebugalma-upgrade-java-1.8.0-openjdk-demo-slowdebugalma-upgrade-java-1.8.0-openjdk-develalma-upgrade-java-1.8.0-openjdk-devel-fastdebugalma-upgrade-java-1.8.0-openjdk-devel-slowdebugalma-upgrade-java-1.8.0-openjdk-fastdebugalma-upgrade-java-1.8.0-openjdk-headlessalma-upgrade-java-1.8.0-openjdk-headless-fastdebugalma-upgrade-java-1.8.0-openjdk-headless-slowdebugalma-upgrade-java-1.8.0-openjdk-javadocalma-upgrade-java-1.8.0-openjdk-javadoc-zipalma-upgrade-java-1.8.0-openjdk-slowdebugalma-upgrade-java-1.8.0-openjdk-srcalma-upgrade-java-1.8.0-openjdk-src-fastdebugalma-upgrade-java-1.8.0-openjdk-src-slowdebug
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.