openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:4306-1)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.856839

Kategorie: openSUSE Local Security Checks

Titel: openSUSE Security Advisory (SUSE-SU-2024:4306-1)

Zusammenfassung: The remote host is missing an update for the 'java-1_8_0-ibm' package(s) announced via the SUSE-SU-2024:4306-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'java-1_8_0-ibm' package(s) announced via the SUSE-SU-2024:4306-1 advisory.

Vulnerability Insight:
This update for java-1_8_0-ibm fixes the following issues:

Updated to Java 8.0 Service Refresh 8 Fix Pack 35 with Oracle October 15 2024 CPU (bsc#1232064):
- CVE-2024-21208: Fixed partial DoS in component Networking (bsc#1231702,JDK-8328286)
- CVE-2024-21210: Fixed unauthorized update, insert or delete access to some of Oracle Java SE accessible data in component Hotspot (bsc#1231711,JDK-8328544)
- CVE-2024-21217: Fixed partial DoS in component Serialization (bsc#1231716,JDK-8331446)
- CVE-2024-21235: Fixed unauthorized read/write access to data in component Hotspot (bsc#1231719,JDK-8332644)

Other issues fixed in past releases:
- CVE-2024-3933: Fixed evaluate constant byteLenNode of arrayCopyChild (bsc#1225470)

Affected Software/OS:
'java-1_8_0-ibm' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
6.4

CVSS Vector:
AV:L/AC:L/Au:S/C:C/I:C/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2024-21208
Common Vulnerability Exposure (CVE) ID: CVE-2024-21210
Common Vulnerability Exposure (CVE) ID: CVE-2024-21217
Common Vulnerability Exposure (CVE) ID: CVE-2024-21235
Common Vulnerability Exposure (CVE) ID: CVE-2024-3933
https://github.com/eclipse/omr/pull/7275
https://gitlab.eclipse.org/security/cve-assignement/-/issues/21

Copyright Copyright (C) 2024 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.856839
Kategorie:	openSUSE Local Security Checks
Titel:	openSUSE Security Advisory (SUSE-SU-2024:4306-1)
Zusammenfassung:	The remote host is missing an update for the 'java-1_8_0-ibm' package(s) announced via the SUSE-SU-2024:4306-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'java-1_8_0-ibm' package(s) announced via the SUSE-SU-2024:4306-1 advisory. Vulnerability Insight: This update for java-1_8_0-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 35 with Oracle October 15 2024 CPU (bsc#1232064): - CVE-2024-21208: Fixed partial DoS in component Networking (bsc#1231702,JDK-8328286) - CVE-2024-21210: Fixed unauthorized update, insert or delete access to some of Oracle Java SE accessible data in component Hotspot (bsc#1231711,JDK-8328544) - CVE-2024-21217: Fixed partial DoS in component Serialization (bsc#1231716,JDK-8331446) - CVE-2024-21235: Fixed unauthorized read/write access to data in component Hotspot (bsc#1231719,JDK-8332644) Other issues fixed in past releases: - CVE-2024-3933: Fixed evaluate constant byteLenNode of arrayCopyChild (bsc#1225470) Affected Software/OS: 'java-1_8_0-ibm' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2024-21208 Common Vulnerability Exposure (CVE) ID: CVE-2024-21210 Common Vulnerability Exposure (CVE) ID: CVE-2024-21217 Common Vulnerability Exposure (CVE) ID: CVE-2024-21235 Common Vulnerability Exposure (CVE) ID: CVE-2024-3933 https://github.com/eclipse/omr/pull/7275 https://gitlab.eclipse.org/security/cve-assignement/-/issues/21
Copyright	Copyright (C) 2024 Greenbone AG