all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6527-1: OpenJDK vulnerabilities

Add to bookmarks
Nov. 29, 2023, 9:56 p.m. |

Ubuntu security notices ubuntu.com

Carter Kozak discovered that OpenJDK, when compiling with AVX-512
instruction support enabled, could produce code that resulted in memory
corruption in certain situations. An attacker targeting applications built
in this way could possibly use this to cause a denial of service or execute
arbitrary code. In Ubuntu, OpenJDK defaults to not using AVX-512
instructions. (CVE-2023-22025)

It was discovered that OpenJDK did not properly perform PKIX certification
path validation in certain situations. An attacker could use this to cause
a denial …

applications arbitrary code attacker avx carter code corruption cve denial of service memory memory corruption openjdk service support targeting ubuntu usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6760-1: Gerbv vulnerability 1 day, 5 hours ago | ubuntu.com
application attacker crash data +10
LSN-0103-1: Kernel Live Patch Security Notice 1 day, 17 hours ago | ubuntu.com
attacker con cve data +21
USN-6758-1: JSON5 vulnerability 1 day, 17 hours ago | ubuntu.com
access application attacker denial of service +12
USN-6761-1: Anope vulnerability 1 day, 20 hours ago | ubuntu.com
accounts attacker changing credentials +7
USN-6759-1: FreeRDP vulnerabilities 2 days, 11 hours ago | ubuntu.com
attacker crash denial of service issue +7
USN-6757-1: PHP vulnerabilities 2 days, 14 hours ago | ubuntu.com
arbitrary code attacker code cookie +15
USN-6744-3: Pillow vulnerability 2 days, 15 hours ago | ubuntu.com
advisory automated buffer buffer overflow +12
USN-6734-2: libvirt vulnerabilities 2 days, 16 hours ago | ubuntu.com
advisory api attacker crash +13
USN-6733-2: GnuTLS vulnerabilities 2 days, 16 hours ago | ubuntu.com
advisory attacker channel cve +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Senior Software Engineer, Security

@ Niantic | Zürich, Switzerland
View on infosec-jobs.com

Consultant expert en sécurité des systèmes industriels (H/F)

@ Devoteam | Levallois-Perret, France
View on infosec-jobs.com

Cybersecurity Analyst

@ Bally's | Providence, Rhode Island, United States
View on infosec-jobs.com

Digital Trust Cyber Defense Executive

@ KPMG India | Gurgaon, Haryana, India
View on infosec-jobs.com

Program Manager - Cybersecurity Assessment Services

@ TestPros | Remote (and DMV), DC
View on infosec-jobs.com
View more jobs