CVE-2018-2657

Priority
Description
Vulnerability in the Java SE, JRockit component of Oracle Java SE
(subcomponent: Serialization). Supported versions that are affected are
Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable
vulnerability allows unauthenticated attacker with network access via
multiple protocols to compromise Java SE, JRockit. Successful attacks of
this vulnerability can result in unauthorized ability to cause a partial
denial of service (partial DOS) of Java SE, JRockit. Note: This
vulnerability can only be exploited by supplying data to APIs in the
specified Component without using Untrusted Java Web Start applications or
Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score
5.3 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Notes
sbeattieoracle only
Package
Upstream:not-affected (Oracle only)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [Oracle only])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:not-affected (Oracle only)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [Oracle only])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:not-affected (Oracle only)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (Oracle only)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (Oracle only)
Package
Upstream:not-affected (Oracle only)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (Oracle only)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (Oracle only)
More Information

Updated: 2020-03-18 22:52:12 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)