java-21-openjdk-21.0.6.0.7-1.el9.ML.1
エラータID: AXSA:2025-9590:02
リリース日:
2025/01/29 Wednesday - 16:40
題名:
java-21-openjdk-21.0.6.0.7-1.el9.ML.1
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Java の Hotspot コンポーネントには、リモートの攻撃者に
より、複数のプロトコルによるネットワークアクセスを介して、
不正なデータの操作 (更新、挿入、および削除) および不正な
データの読み取りを可能とする脆弱性が存在します。
(CVE-2025-21502)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-21502
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
追加情報:
N/A
ダウンロード:
SRPMS
- java-21-openjdk-21.0.6.0.7-1.el9.ML.1.src.rpm
MD5: 2fbc9229ddd6dddf26f94e4d58b700d3
SHA-256: dc8dfe6171260d3dc3a9d79199cfa8b0f311c7761cbc8a1fc79fbe6e8ea3fba1
Size: 67.29 MB
Asianux Server 9 for x86_64
- java-21-openjdk-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: fa4b6d6585062f12da48a56cc8f3c7e1
SHA-256: bee283739ac2e746f2234f382108a08d6da530a3189a3592de5feec5557bd0a1
Size: 428.31 kB - java-21-openjdk-demo-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 1bac460057812b7d3fcd77ddc8622505
SHA-256: 8fede77c8ae6288530508a7d0777fc9f0e63a7bcaab1b512beb76c9286150afc
Size: 3.18 MB - java-21-openjdk-demo-fastdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: e9a3b6fc50ae4227d7728cf767570b57
SHA-256: 34c95ef6963838ef825bb3331c141e80721620f346d28de2d743abd18760c902
Size: 3.18 MB - java-21-openjdk-demo-slowdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: c5247faf622dc0655b72279263120d98
SHA-256: 6129e9375e7c3b2a01f1b468ad4004d9b70eac20e7b3d58fc8594ee939953d2c
Size: 3.18 MB - java-21-openjdk-devel-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: f5d52056394f57fec7e0c3a33ad8c26c
SHA-256: c8beceb1f31cacd766b153995d915981af06fe7f55e2fe5bdadda672ee69155d
Size: 5.01 MB - java-21-openjdk-devel-fastdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 3e1d4bbe9a19d60bccb19d39e0ed67cc
SHA-256: 4b7eeaa16b45ab400422f343386a2e857e2e30c3db2dd12b37b9b04d827cd4b5
Size: 5.01 MB - java-21-openjdk-devel-slowdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: f16a4b2ac7442cd0ca5c5cbf42e89ab3
SHA-256: f82b00342dc359df38492a97c4f56d29a586cbb87a1660220889af5be934de22
Size: 5.01 MB - java-21-openjdk-fastdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: d73ddc02425b38998d131bb7d4dd9235
SHA-256: 78562cc2d94875b88624f535258f1c50eaee897c452bd0ad7a10ee5d3ffde48b
Size: 437.71 kB - java-21-openjdk-headless-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 7366bd1e1ac80a6ad01a0d4282d8e5bf
SHA-256: ba368a9c4b9ac0f2d9c9d2868de783d7a1a2cee40841266e9b0a882a75f6f9ba
Size: 47.24 MB - java-21-openjdk-headless-fastdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 84c612df76c24745d3b36d2eecf9276c
SHA-256: 526c3ad282520bff8312b785e2eae741cf0e9cb506b79ddfcc452089c5fce328
Size: 51.76 MB - java-21-openjdk-headless-slowdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: f49074108799da08c66690d5997f3013
SHA-256: 248574cd44f1a52c10415e309a8c70d078e58af0c244d1a26be408082ba25bd8
Size: 49.76 MB - java-21-openjdk-javadoc-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 94b5b7ba40c9f51f4db154b3b70cf32f
SHA-256: d012ef65bc3c078e7a3301216b88c5f6927806b5ec819d3995f2c4769b8eb947
Size: 14.98 MB - java-21-openjdk-javadoc-zip-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 37eb26c19b8649bfc45fc816b04e63a4
SHA-256: 39ae54c3b489625720824e9b9b43d874554b69647bfb824d75b35b7eecf9affa
Size: 40.56 MB - java-21-openjdk-jmods-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 6ff992dc5ffb3984d228c3c9f3cf6c7d
SHA-256: 1272ea97fa353b9086ec1e6ecffd6c92bbca76b7df25b4e66cfc8c7481b425e8
Size: 301.26 MB - java-21-openjdk-jmods-fastdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 144b1b3043843b39fd0ee330f15f96b8
SHA-256: 95d970253c74f1963b0c967356fb6379c3ec673bce4413a38df135047fa5474c
Size: 352.30 MB - java-21-openjdk-jmods-slowdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: d1cf828bad1ce21a7efd5a8f24963883
SHA-256: d0695dcdd4770518adfc27ddb829a5aa9e0f628e0feef270f8ec67b3f09f7e93
Size: 267.30 MB - java-21-openjdk-slowdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: cd5727d2ab14b06badd840422ef7680b
SHA-256: ca02d4ee671f4dc0781436b072208e3a13df58a6927bb8470730295aa6400c9b
Size: 407.70 kB - java-21-openjdk-src-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 23b43e279e5afa89e5ea35cabaf1e896
SHA-256: bdc9ee589051e7ff79035501cc1ee87aae2a760d0b0287133ef7ec3667980a37
Size: 46.70 MB - java-21-openjdk-src-fastdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 7f60b3855b10e561dabc4b5a0ec85d13
SHA-256: 88f0f575aa8740baeef4d6834013e6ba5171eca1e1134af9519915af751dedb7
Size: 46.71 MB - java-21-openjdk-src-slowdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: cdc2c5d4fbd3448bd1274e9c2fc4f6ec
SHA-256: ffa4b4fef0fc278ba587b1c4f106e79f040d0d6ef209383d3e107f512a369397
Size: 46.71 MB - java-21-openjdk-static-libs-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: 250b8eecb90dceba5151962176a217a3
SHA-256: 328309d5fd67d150e4c4e53ae0cb277724c188f785918d85b9c22acf8f93c83f
Size: 28.50 MB - java-21-openjdk-static-libs-fastdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: cd296f4570b30c36cfbe5138344e46e6
SHA-256: 83137fcb04101a87c27c572f109d55a3997192a64be2130ce17eabf4df3b05c2
Size: 28.50 MB - java-21-openjdk-static-libs-slowdebug-21.0.6.0.7-1.el9.ML.1.x86_64.rpm
MD5: f1e3081c2a34336e35c077138c926760
SHA-256: 1715c703cf252e93a7a20865e83a1382c6869515cde325794479173dc67d9c62
Size: 19.96 MB
English