java-17-openjdk-17.0.14.0.7-2.el9.ML.1
エラータID: AXSA:2025-9583:02
リリース日:
2025/01/28 Tuesday - 11:39
題名:
java-17-openjdk-17.0.14.0.7-2.el9.ML.1
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Java の Hotspot コンポーネントには、リモートの攻撃者
により、複数のプロトコルによるネットワークアクセスを
介して、不正なデータの操作 (更新、挿入、および削除)
および不正なデータの読み取りを可能とする脆弱性が存在
します。(CVE-2025-21502)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-21502
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
追加情報:
N/A
ダウンロード:
SRPMS
- java-17-openjdk-17.0.14.0.7-2.el9.ML.1.src.rpm
MD5: 0938c21c315eff2af5ebc6a967253ae3
SHA-256: d88d2664d8b9d15c834426f6b2a211a1e5398bc204770df4c6d96d2c7797f44b
Size: 63.61 MB
Asianux Server 9 for x86_64
- java-17-openjdk-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: af78b3e0603bc5f870b830d449f780b2
SHA-256: 612b39741bd07c07c539ec7a5ee19bf229bdefc34d1cdb4e42f8a42d947f50ca
Size: 429.74 kB - java-17-openjdk-demo-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: f3ff2b4c619f443c24e3846b490dbd4c
SHA-256: 2783bdc421fa413ea47cbddeca66a83150d5cf17a60830bd7575bfc8e4dc5d74
Size: 3.41 MB - java-17-openjdk-demo-fastdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: daf3ec77b428a79abffbf87047f835ff
SHA-256: 73e14354c6f6c1bde680ae55fa8e93efc47867552f2d773dd9518a4e9c82eec8
Size: 3.41 MB - java-17-openjdk-demo-slowdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 15d9a782f10643e5cd42bbf878c19ea0
SHA-256: 517972896821e7f683bdde9eed8e47d3a031b7e393f2a2806c44b27876fe9006
Size: 3.41 MB - java-17-openjdk-devel-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 87e63592dc7d42b59706c0154c61f324
SHA-256: ce3af66040bc287b0aa2ff08b7ba226008e5c9ff0d3c20f6b13fad388c4a4e03
Size: 4.72 MB - java-17-openjdk-devel-fastdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 61580ec489d216bb76da837d792f9c7e
SHA-256: 1fc1ff2c1453837d1ad8f4e5ddc232c024046553106e9a0d030f3d55cda90523
Size: 4.72 MB - java-17-openjdk-devel-slowdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: c4042aabbf67d967e03af74cc3b73b7d
SHA-256: bd65e3a0e8175e25c1cf4350f7dbadbbfcc11b37694c89645f91fdefd4dbe452
Size: 4.72 MB - java-17-openjdk-fastdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: fa01df9da4a0128577df65ddd9b0936c
SHA-256: de711bcb4d666874b3ccc33d45156d321e0df7ef129599f9bda7e6f879888283
Size: 437.83 kB - java-17-openjdk-headless-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 20952b2a4c8618d94e56baea90504e84
SHA-256: 6bf6c941f0982fa29f37e399804cc60ceb204f96826a71915069110155fcbdd6
Size: 44.04 MB - java-17-openjdk-headless-fastdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 10f9790a67c51d85f3cad412771e7956
SHA-256: 346876a20f4282fe69457f447fa2ec4f17b82fe44e573dc39cd91bc4ed1057e2
Size: 49.08 MB - java-17-openjdk-headless-slowdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 8a7c312cc4580ea8c8a31b63a31f938e
SHA-256: 096db841469d555be91e74c20883f7c88d9340e425a44a3171712eeafa46ff13
Size: 45.77 MB - java-17-openjdk-javadoc-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: e41c186a18cd83d9b9591a4cda5c1331
SHA-256: 8492208ea0742a187c1c4e15906c3bcd5122bcc8d100c4f60842996b993060b4
Size: 14.68 MB - java-17-openjdk-javadoc-zip-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 92d2245bc6c1a809fda48bffa62c6393
SHA-256: e870a622b81eadd6df15788d2753e2af7d23fb7b6bb475d8ba2a01ce9667673b
Size: 39.43 MB - java-17-openjdk-jmods-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: f8411d5566fafc8297cdf20734e2e144
SHA-256: 5092f4fc5532e14413c305166a82f06272c91b78d8b50c58f93ab63a0e380115
Size: 243.78 MB - java-17-openjdk-jmods-fastdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 488cff022345807ce16ce40fb7951d43
SHA-256: 1644c172913ab67eb73c28691bc20db06174dbbfb0486dc7db5e7ef818763652
Size: 242.72 MB - java-17-openjdk-jmods-slowdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: e98b90fbc23163deb125ecf9fab18d7f
SHA-256: 4593043181008dbe2ac03cc0885e021aec665b6646cb511a6cfc3cbdf57e793e
Size: 172.42 MB - java-17-openjdk-slowdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 354f4a4f2c9595afcb80ada39f63fcb5
SHA-256: ffb1cc8e3fa472aa6e8f1d27116099350ff3f4c2a9bd47a54e61945a80944b65
Size: 409.46 kB - java-17-openjdk-src-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 8a1b476e3bc7b46568ec35f720c0c0b1
SHA-256: 246b586a5f9b144d9399458fc48a97f0da37f0d0c31987e9bed5ba24d0b2d71b
Size: 44.82 MB - java-17-openjdk-src-fastdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 9e311fab9195a587e4e5b2229b6ba59b
SHA-256: 89073067586ca20ffceea4e9f0700848f7eb4f5e71d2d8717580ce3d769a3a72
Size: 44.83 MB - java-17-openjdk-src-slowdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 2f826aecfa4696d22680cdcf5d3cc04e
SHA-256: eaa636ac0d47e21b369a22b45e16833439d902fa51bfc1122889916a4596c8fa
Size: 44.82 MB - java-17-openjdk-static-libs-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: 2c4eba83def5f5801a99d922b70a7833
SHA-256: 174c3e5c0f65344df0872688d8174d9ad9c98a144d5a8a38ab8a2f6b5fb400ef
Size: 26.34 MB - java-17-openjdk-static-libs-fastdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: e070c1b56451058a4d20246f15aebdb9
SHA-256: c61538524444e1050ca7e3bb055983486b5ef5d650838d6ab9b3a7cfe605f665
Size: 26.48 MB - java-17-openjdk-static-libs-slowdebug-17.0.14.0.7-2.el9.ML.1.x86_64.rpm
MD5: c83402f656e4ee22066e24ea73243c18
SHA-256: 8468fede763ecf70fc1a5ef3f07b985b08fb745770d736dc3ff0f44489abc0ae
Size: 20.14 MB