
CVE-2024-21011

Status Candidate

Overview

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

Related Files

Ubuntu Security Notice USN-6813-1
Posted Jun 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6813-1 - It was discovered that the Hotspot component of OpenJDK 21 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK 21 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21094
SHA-256 | 6e92f7b3b851a83ed6cc28570888c52ba58f3635231d02a4b6a4f1aa80e5b490
Ubuntu Security Notice USN-6812-1
Posted Jun 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6812-1 - It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK 17 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21094
SHA-256 | d76d3814c48011af9e2b9e60715ce52cc7267b927080e73cd0fdcc7bbf1f0a01
Ubuntu Security Notice USN-6811-1
Posted Jun 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6811-1 - It was discovered that the Hotspot component of OpenJDK 11 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJDK 11 incorrectly performed reverse DNS query under certain circumstances in the Networking/HTTP client component. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, web, denial of service
systems | linux, ubuntu
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094
SHA-256 | dde28026b3a2f1cea25ed309d8230392afe8d23951483f501cb7a7d1687e4197
Ubuntu Security Notice USN-6810-1
Posted Jun 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6810-1 - It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this issue to cause a denial of service. Vladimir Kondratyev discovered that the Hotspot component of OpenJDK 8 incorrectly handled address offset calculations in the C1 compiler. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-21011, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094
SHA-256 | e6d818dbb514b1bb5bb6b123a1e381da5c04850e46df819458f1109785b4ca63
Debian Security Advisory 5672-1
Posted Apr 23, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5672-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21094
SHA-256 | a9064c09d4359e5484ea104362dc6a838926946bd9996ac856a59a71a2840bdb
Debian Security Advisory 5671-1
Posted Apr 23, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5671-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or information disclosure.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, CVE-2024-21094
SHA-256 | 5c18eb648b6f3785439fef0afc436e9646416b6ddec16705c0cb435ea59ff3a9
Red Hat Security Advisory 2024-1828-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1828-03 - An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 66e1f9efa2400c9987955cf56660274bc6b9aa14c3c2998d7b044398bd290fd0
Red Hat Security Advisory 2024-1826-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1826-03 - An update is now available for OpenJDK. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | d3b16e22d748d44500714eeca4545d0b7f6d7811c2e711cd7bb596096c741934
Red Hat Security Advisory 2024-1822-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1822-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 44c796b582a5b81103c18e46e4067bab53be13a7c3404887b51ecf0ca5192eb2
Red Hat Security Advisory 2024-1821-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1821-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | f40237d1edf007c8f38b1b79b61e3d331c7043f8da3f2c8f859bc63cd66691e0
Red Hat Security Advisory 2024-1819-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1819-03 - An update is now available for OpenJDK. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 495970510dcea23dc8a8c355ce578b50952ec4e97258f437b628143520a5308c
Red Hat Security Advisory 2024-1818-03
Posted Apr 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1818-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | b6b72d2d07588c0a0e612a9b7cfc352c741b627263cf5b7200b33362cb8d5793
Red Hat Security Advisory 2024-1827-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1827-03 - An update is now available for OpenJDK. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 2bb88788878b83edd6807a251e188eed0f83bbb375cc781ef7200e65f2c8aeea
Red Hat Security Advisory 2024-1825-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1825-03 - An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Extended Update Support, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Extended Update Support, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 4fba84c5865b83ce2be2d7d40ed4bdb7edd461ec78209e4934479634d0dbb955
Red Hat Security Advisory 2024-1824-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1824-03 - An update is now available for OpenJDK. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 69cf7200bc97e9ee0bcf333fbf7b35e645abc82aa87783c69ba74a7962f60805
Red Hat Security Advisory 2024-1823-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1823-03 - An update is now available for OpenJDK. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 4a5b8a3af7361517b6c931248e38031dd84a58ba291e890dd1c8040734e72e61
Red Hat Security Advisory 2024-1820-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1820-03 - An update is now available for OpenJDK. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 4b9da8dff3c5b4294b142b77e2b204ceda4d1f31039172853ae842cc1f2a34fb
Red Hat Security Advisory 2024-1817-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1817-03 - An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Issues addressed include an integer overflow vulnerability.

tags | advisory, java, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 4b59b814abb1f6beb94c843f2e7878d96e9b753b88e25787268ef28e30c57ee6
Red Hat Security Advisory 2024-1816-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1816-03 - An update is now available for OpenJDK. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 08915273201c7587360f439c41cf435541a56d1f327a42af01813330c85fb103
Red Hat Security Advisory 2024-1815-03
Posted Apr 18, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1815-03 - An update is now available for OpenJDK. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2024-21011
SHA-256 | 9b57ba244fb00b55111e0d6d8f98f3b94bb2e9304a39f5e8dce4359430f33a57
© 2024 Packet Storm. All rights reserved.
