Description
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of
Oracle Java SE (component: JSSE). Supported versions that are affected are
Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and
21.2.0. Easily exploitable vulnerability allows unauthenticated attacker
with network access via TLS to compromise Java SE, Oracle GraalVM
Enterprise Edition. Successful attacks of this vulnerability can result in
unauthorized ability to cause a partial denial of service (partial DOS) of
Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability can
only be exploited by supplying data to APIs in the specified Component
without using Untrusted Java Web Start applications or Untrusted Java
applets, such as through a web service. CVSS 3.1 Base Score 5.3
(Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Ubuntu-Description
it was discovered that the TLS implementation in OpenJDK did not
properly handle TLS handshakes in certain situations where a Java
application is acting as a TLS server. A remote attacker could
possibly use this to cause a denial of service (application crash).
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 20.04 LTS: | needs-triage
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | released
(8u312-b07-0ubuntu1~18.04)
|
Ubuntu 20.04 LTS: | released
(8u312-b07-0ubuntu1~20.04)
|
Ubuntu 21.10: | released
(8u312-b07-0ubuntu1~21.10)
|
Ubuntu 16.04 ESM: | released
(8u312-b07-0ubuntu1~16.04)
|
Ubuntu 22.04 LTS: | not-affected
(8u302-b08-0ubuntu2)
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Updated: 2022-04-25 00:56:32 UTC (commit ecc1009cb19540b950de59270950018900f37f15)