Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3691-1)

Medium Nessus Plugin ID 110662

Synopsis

The remote Ubuntu host is missing one or more security-related
patches.

Description

It was discovered that the Security component of OpenJDK did not
correctly perform merging of multiple sections for the same file
listed in JAR archive file manifests. An attacker could possibly use
this to modify attributes in a manifest without invalidating the
signature. (CVE-2018-2790)

Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo
Focardi discovered that the Security component of OpenJDK did not
restrict which classes could be used when deserializing keys from the
JCEKS key stores. An attacker could use this to specially craft a
JCEKS key store to execute arbitrary code. (CVE-2018-2794)

It was discovered that the Security component of OpenJDK in some
situations did not properly limit the amount of memory allocated when
performing deserialization. An attacker could use this to cause a
denial of service (memory exhaustion). (CVE-2018-2795)

It was discovered that the Concurrency component of OpenJDK in some
situations did not properly limit the amount of memory allocated when
performing deserialization. An attacker could use this to cause a
denial of service (memory exhaustion). (CVE-2018-2796)

It was discovered that the JMX component of OpenJDK in some situations
did not properly limit the amount of memory allocated when performing
deserialization. An attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2018-2797)

It was discovered that the AWT component of OpenJDK in some situations
did not properly limit the amount of memory allocated when performing
deserialization. An attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2018-2798)

It was discovered that the JAXP component of OpenJDK in some
situations did not properly limit the amount of memory allocated when
performing deserialization. An attacker could use this to cause a
denial of service (memory exhaustion). (CVE-2018-2799)

Moritz Bechler discovered that the RMI component of OpenJDK enabled
HTTP transport for RMI servers by default. A remote attacker could use
this to gain access to restricted services. (CVE-2018-2800)

It was discovered that a vulnerability existed in the Hotspot
component of OpenJDK affecting confidentiality, data integrity, and
availability. An attacker could use this to specially craft a Java
application that caused a denial of service or bypassed sandbox
restrictions. (CVE-2018-2814)

Apostolos Giannakidis discovered that the Serialization component of
OpenJDK did not properly bound memory allocations in some situations.
An attacker could use this to cause a denial of service (memory
exhaustion). (CVE-2018-2815)

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution

Update the affected packages.

See Also

https://usn.ubuntu.com/3691-1/

Plugin Details

Severity: Medium

ID: 110662

File Name: ubuntu_USN-3691-1.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2018/06/22

Modified: 2018/12/01

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 8.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:canonical:ubuntu_linux:icedtea-7-jre-jamvm, p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre, p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre-headless, p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre-lib, p-cpe:/a:canonical:ubuntu_linux:openjdk-7-jre-zero, cpe:/o:canonical:ubuntu_linux:14.04

Patch Publication Date: 2018/06/21

Reference Information

CVE: CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800, CVE-2018-2814, CVE-2018-2815

USN: 3691-1