http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

104782

1041302

https://security.netapp.com/advisory/ntap-20180726-0001/

USN-3747-1

An update of the openjdk11 package has been released.

The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 10 Update 2, 8 Update 181, 7 Update 191, or 6 Update 201. It is, therefore, affected by multiple vulnerabilities related to the following components :

 - Concurrency. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2952)

 - Deployment. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2964)

 - JSSE. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2973)

 - Java DB. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2938)

 - JavaFX. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2941)

 - Libraries. An easily exploitable vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE. (CVE-2018-2940)

 - Security. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2972)

 - Windows DLL. A difficult to exploit vulnerability allows an unauthenticated attacker with network access via multiple protocols to compromise Java SE (CVE-2018-2942)

This java-11-openjdk update to version jdk-11+24 fixes the following issues :

Security issues fixed :

  - CVE-2018-2940: Fix unspecified vulnerability in     subcomponent Libraries (bsc#1101645).

  - CVE-2018-2952: Fix unspecified vulnerability in     subcomponent Concurrency (bsc#1101651).

  - CVE-2018-2972: Fix unspecified vulnerability in     subcomponent Security (bsc#1101655).

  - CVE-2018-2973: Fix unspecified vulnerability in     subcomponent JSSE (bsc#1101656).

This update was imported from the SUSE:SLE-15:Update update project.

This update for OpenJDK 10.0.2 fixes the following security issues :

  - CVE-2018-2940: the libraries sub-component contained an     easily exploitable vulnerability that allowed attackers     to compromise Java SE or Java SE Embedded over the     network, potentially gaining unauthorized read access to     data that's accessible to the server. [bsc#1101645]

  - CVE-2018-2952: the concurrency sub-component contained a     difficult to exploit vulnerability that allowed     attackers to compromise Java SE, Java SE Embedded, or     JRockit over the network. This issue could have been     abused to mount a partial denial-of-service attack on     the server. [bsc#1101651]

  - CVE-2018-2972: the security sub-component contained a     difficult to exploit vulnerability that allowed     attackers to compromise Java SE over the network,     potentially gaining unauthorized access to critical data     or complete access to all Java SE accessible data.
    [bsc#1101655)

  - CVE-2018-2973: the JSSE sub-component contained a     difficult to exploit vulnerability allowed attackers to     compromise Java SE or Java SE Embedded over the network,     potentially gaining the ability to create, delete or     modify critical data or all Java SE, Java SE Embedded     accessible data without authorization. [bsc#1101656]

Furthemore, the following bugs were fixed :

  - Properly remove the existing alternative for java before     reinstalling it. [bsc#1096420]

  - idlj was moved to the *-devel package. [bsc#1096420]

This update was imported from the SUSE:SLE-15:Update update project.

An update of the openjdk8 package has been released.

An update of the openjdk package has been released.

This update for OpenJDK 10.0.2 fixes the following security issues :

  - CVE-2018-2940: the libraries sub-component contained an     easily exploitable vulnerability that allowed attackers     to compromise Java SE or Java SE Embedded over the     network, potentially gaining unauthorized read access to     data that's accessible to the server. [bsc#1101645]

  - CVE-2018-2952: the concurrency sub-component contained a     difficult to exploit vulnerability that allowed     attackers to compromise Java SE, Java SE Embedded, or     JRockit over the network. This issue could have been     abused to mount a partial denial-of-service attack on     the server. [bsc#1101651]

  - CVE-2018-2972: the security sub-component contained a     difficult to exploit vulnerability that allowed     attackers to compromise Java SE over the network,     potentially gaining unauthorized access to critical data     or complete access to all Java SE accessible data.
    [bsc#1101655)

  - CVE-2018-2973: the JSSE sub-component contained a     difficult to exploit vulnerability allowed attackers to     compromise Java SE or Java SE Embedded over the network,     potentially gaining the ability to create, delete or     modify critical data or all Java SE, Java SE Embedded     accessible data without authorization. [bsc#1101656]     Furthemore, the following bugs were fixed :

  - Properly remove the existing alternative for java before     reinstalling it. [bsc#1096420]

  - idlj was moved to the *-devel package. [bsc#1096420]

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

USN-3747-1 fixed vulnerabilities in OpenJDK 10 for Ubuntu 18.04 LTS.
Unfortunately, that update introduced a regression around accessability support that prevented some Java applications from starting. This update fixes the problem.

We apologize for the inconvenience.

It was discovered that OpenJDK did not properly validate types in some situations. An attacker could use this to construct a Java class that could possibly bypass sandbox restrictions. (CVE-2018-2825, CVE-2018-2826)

It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to potentially construct a class that caused a denial of service (excessive memory consumption). (CVE-2018-2952)

Daniel Bleichenbacher discovered a vulnerability in the Galois/Counter Mode (GCM) mode of operation for symmetric block ciphers in OpenJDK.
An attacker could use this to expose sensitive information.
(CVE-2018-2972).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It was discovered that OpenJDK did not properly validate types in some situations. An attacker could use this to construct a Java class that could possibly bypass sandbox restrictions. (CVE-2018-2825, CVE-2018-2826)

It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to potentially construct a class that caused a denial of service (excessive memory consumption). (CVE-2018-2952)

Daniel Bleichenbacher discovered a vulnerability in the Galois/Counter Mode (GCM) mode of operation for symmetric block ciphers in OpenJDK.
An attacker could use this to expose sensitive information.
(CVE-2018-2972).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An update of 'openjdk8' packages of Photon OS has been released.

An update of 'vim', 'ntp', 'openjdk', 'libmspack', 'blktrace', 'systemd', 'perl' packages of Photon OS has been released.

The version of Oracle JRockit installed on the remote Windows host is R28.3.18. It is, therefore, affected by multiple vulnerabilities.
See advisory for details.

The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 10 Update 2, 8 Update 181, 7 Update 191, or 6 Update 201. It is, therefore, affected by multiple vulnerabilities related to the following components :

  - Concurrency. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2952)

  - Deployment. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2964)

  - JSSE. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2973)

  - Java DB. A difficult to exploit vulnerability allows an     unauthenticated attacker with network access via     multiple protocols to compromise Java SE. (CVE-2018-2938)

  - JavaFX. A difficult to exploit vulnerability allows an     unauthenticated attacker with network access via     multiple protocols to compromise Java SE. (CVE-2018-2941)

  - Libraries. An easily exploitable vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE. (CVE-2018-2940)

  - Security. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2972)

  - Windows DLL. A difficult to exploit vulnerability allows     an unauthenticated attacker with network access via     multiple protocols to compromise Java SE (CVE-2018-2942)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
136100	Photon OS 3.0: Openjdk11 PHSA-2020-3.0-0084	Nessus	PhotonOS Local Security Checks	medium
700658	Oracle Java SE 6 < Update 201 / 7 < Update 191 / 8 < Update 181 / 10 < Update 2 Multiple Vulnerabilities (July 2018 CPU)	Nessus Network Monitor	Web Clients	medium
123250	openSUSE Security Update : java-11-openjdk (openSUSE-2019-575)	Nessus	SuSE Local Security Checks	medium
123247	openSUSE Security Update : java-10-openjdk (openSUSE-2019-570)	Nessus	SuSE Local Security Checks	medium
121974	Photon OS 2.0: Openjdk8 PHSA-2018-2.0-0077	Nessus	PhotonOS Local Security Checks	medium
121864	Photon OS 1.0: Openjdk PHSA-2018-1.0-0167	Nessus	PhotonOS Local Security Checks	high
120065	SUSE SLED15 / SLES15 Security Update : java-10-openjdk (SUSE-SU-2018:2083-1)	Nessus	SuSE Local Security Checks	medium
117479	Ubuntu 18.04 LTS : OpenJDK 10 regression (USN-3747-2)	Nessus	Ubuntu Local Security Checks	medium
112033	Ubuntu 18.04 LTS : OpenJDK 10 vulnerabilities (USN-3747-1)	Nessus	Ubuntu Local Security Checks	medium
111961	Photon OS 2.0: Openjdk8 PHSA-2018-2.0-0077 (deprecated)	Nessus	PhotonOS Local Security Checks	medium
111946	Photon OS 1.0: Blktrace / Libmspack / Ntp / Openjdk / Perl / Systemd / Vim PHSA-2018-1.0-0167 (deprecated)	Nessus	PhotonOS Local Security Checks	high
111597	openSUSE Security Update : java-11-openjdk (openSUSE-2018-830)	Nessus	SuSE Local Security Checks	medium
111572	openSUSE Security Update : java-10-openjdk (openSUSE-2018-810)	Nessus	SuSE Local Security Checks	medium
111214	Oracle JRockit R28.3.18 Multiple Vulnerabilities (July 2018 CPU)	Nessus	Windows	medium
111163	Oracle Java SE Multiple Vulnerabilities (July 2018 CPU)	Nessus	Windows	medium
111162	Oracle Java SE Multiple Vulnerabilities (July 2018 CPU) (Unix)	Nessus	Misc.	medium

CVE-2018-2972

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins