http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

104780

1041302

RHSA-2018:2253

RHSA-2018:2256

https://security.netapp.com/advisory/ntap-20180726-0001/

The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 10 Update 2, 8 Update 181, 7 Update 191, or 6 Update 201. It is, therefore, affected by multiple vulnerabilities related to the following components :

 - Concurrency. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2952)

 - Deployment. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2964)

 - JSSE. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2973)

 - Java DB. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2938)

 - JavaFX. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2941)

 - Libraries. An easily exploitable vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2940)

 - Security. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2972)

 - Windows DLL. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2942)

An update of the openjdk8 package has been released.

An update of the openjdk package has been released.

This update for java-1_8_0-ibm to 8.0.5.20 fixes the following issues :

CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit (bsc#1104668).

CVE-2018-2940: Vulnerability in subcomponent: Libraries. Easily exploitable vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data (bsc#1104668).

CVE-2018-2973: Vulnerability in subcomponent: JSSE. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data (bsc#1104668).

CVE-2018-2964: Vulnerability in subcomponent: Deployment. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE. (bsc#1104668).

CVE-2016-0705: Prevent double free in the dsa_priv_decode function that allowed remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key (bsc#1104668).

CVE-2017-3732: Prevent carry propagating bug in the x86_64 Montgomery squaring procedure (bsc#1104668).

CVE-2017-3736: Prevent carry propagating bug in the x86_64 Montgomery squaring procedure (bsc#1104668).

CVE-2018-12539: Users other than the process owner might have been able to use Java Attach API to connect to an IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code (bsc#1104668)

CVE-2018-1517: Unspecified vulnerability (bsc#1104668).

CVE-2018-1656: Unspecified vulnerability (bsc#1104668)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for java-1_8_0-ibm to 8.0.5.20 fixes the following security issues :

CVE-2018-2952: Vulnerability in subcomponent: Concurrency. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit (bsc#1104668)

CVE-2018-2940: Vulnerability in subcomponent: Libraries. Easily exploitable vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data (bsc#1104668)

CVE-2018-2973: Vulnerability in subcomponent: JSSE. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data (bsc#1104668)

CVE-2018-2964: Vulnerability in subcomponent: Deployment. Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE. (bsc#1104668)

CVE-2016-0705: Prevent double free in the dsa_priv_decode function that allowed remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key (bsc#1104668)

CVE-2017-3732: Prevent carry propagating bug in the x86_64 Montgomery squaring procedure (bsc#1104668)

CVE-2017-3736: Prevent carry propagating bug in the x86_64 Montgomery squaring procedure (bsc#1104668)

CVE-2018-1517: Unspecified vulnerability (bsc#1104668)

CVE-2018-1656: Unspecified vulnerability (bsc#1104668)

CVE-2018-12539: Users other than the process owner might have been able to use Java Attach API to connect to an IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code (bsc#1104668)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An update of 'openjdk8' packages of Photon OS has been released.

An update of 'vim', 'ntp', 'openjdk', 'libmspack', 'blktrace', 'systemd', 'perl' packages of Photon OS has been released.

An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

This update upgrades Oracle Java SE 8 to version 8 Update 181.

Security Fix(es) :

* Oracle JDK: unspecified vulnerability fixed in 7u191, 8u181, and 10.0.2 (JavaFX) (CVE-2018-2941)

* Oracle JDK: unspecified vulnerability fixed in 8u181 and 10.0.2 (Deployment) (CVE-2018-2964)

* Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries) (CVE-2018-2940)

* OpenJDK: insufficient index validation in PatternSyntaxException getMessage () (Concurrency, 8199547) (CVE-2018-2952)

* Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE) (CVE-2018-2973)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

This update upgrades Oracle Java SE 8 to version 8 Update 181.

Security Fix(es) :

* Oracle JDK: unspecified vulnerability fixed in 7u191, 8u181, and 10.0.2 (JavaFX) (CVE-2018-2941)

* Oracle JDK: unspecified vulnerability fixed in 8u181 and 10.0.2 (Deployment) (CVE-2018-2964)

* Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (Libraries) (CVE-2018-2940)

* OpenJDK: insufficient index validation in PatternSyntaxException getMessage () (Concurrency, 8199547) (CVE-2018-2952)

* Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181, and 10.0.2 (JSSE) (CVE-2018-2973)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

The version of Oracle JRockit installed on the remote Windows host is R28.3.18. It is, therefore, affected by multiple vulnerabilities.
See advisory for details.

The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 10 Update 2, 8 Update 181, 7 Update 191, or 6 Update 201. It is, therefore, affected by multiple vulnerabilities related to the following components :

  - Concurrency. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2952)

  - Deployment. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2964)

  - JSSE. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2973)

  - Java DB. A difficult to exploit vulnerability allows an     unauthenticated attacker with network access via     multiple protocols to compromise Java SE. (CVE-2018-2938)

  - JavaFX. A difficult to exploit vulnerability allows an     unauthenticated attacker with network access via     multiple protocols to compromise Java SE. (CVE-2018-2941)

  - Libraries. An easily exploitable vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE. (CVE-2018-2940)

  - Security. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2972)

  - Windows DLL. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2942)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
700658	Oracle Java SE 6 < Update 201 / 7 < Update 191 / 8 < Update 181 / 10 < Update 2 Multiple Vulnerabilities (July 2018 CPU)	Nessus Network Monitor	Web Clients	medium
121974	Photon OS 2.0: Openjdk8 PHSA-2018-2.0-0077	Nessus	PhotonOS Local Security Checks	medium
121864	Photon OS 1.0: Openjdk PHSA-2018-1.0-0167	Nessus	PhotonOS Local Security Checks	high
120126	SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2018:3082-1)	Nessus	SuSE Local Security Checks	critical
118293	SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:2839-2)	Nessus	SuSE Local Security Checks	critical
117700	SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:2839-1)	Nessus	SuSE Local Security Checks	critical
111961	Photon OS 2.0: Openjdk8 PHSA-2018-2.0-0077 (deprecated)	Nessus	PhotonOS Local Security Checks	medium
111946	Photon OS 1.0: Blktrace / Libmspack / Ntp / Openjdk / Perl / Systemd / Vim PHSA-2018-1.0-0167 (deprecated)	Nessus	PhotonOS Local Security Checks	high
111327	RHEL 6 : java-1.8.0-oracle (RHSA-2018:2256)	Nessus	Red Hat Local Security Checks	medium
111324	RHEL 7 : java-1.8.0-oracle (RHSA-2018:2253)	Nessus	Red Hat Local Security Checks	medium
111214	Oracle JRockit R28.3.18 Multiple Vulnerabilities (July 2018 CPU)	Nessus	Windows	medium
111163	Oracle Java SE Multiple Vulnerabilities (July 2018 CPU)	Nessus	Windows	medium
111162	Oracle Java SE Multiple Vulnerabilities (July 2018 CPU) (Unix)	Nessus	Misc.	medium

CVE-2018-2964

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins