REDHAT-BUG-2257837: High severity OpenJDK OpenJDK vulnerability
Published Jan 11, 2024
·Updated
It was discovered that the TLS implementation in the Security component of OpenJDK was vulnerable to an RSA padding issue and timing side-channel attack. This could possibly lead to disclosure of some information meant to be protected by encryption.
Affected Software
1 affected component
OpenJDK OpenJDK
Event History
Jan 11, 2024
Data Sourced
via Red Hat·09:16 AM
DescriptionSeverityAffected Software
Frequently Asked Questions
1
What is the severity of REDHAT-BUG-2257837?
The severity of REDHAT-BUG-2257837 is classified as high due to the potential for information disclosure.
2
How do I fix REDHAT-BUG-2257837?
To fix REDHAT-BUG-2257837, update OpenJDK to the latest patched version.
3
What could be the impact of REDHAT-BUG-2257837?
The impact of REDHAT-BUG-2257837 includes the risk of information being disclosed due to a TLS implementation flaw.
4
Which software is affected by REDHAT-BUG-2257837?
REDHAT-BUG-2257837 affects OpenJDK, particularly its TLS security implementation.
5
Is there a workaround for REDHAT-BUG-2257837?
There are no known effective workarounds for REDHAT-BUG-2257837; updating is the recommended action.