Bug 1225470 (CVE-2024-3933) - VUL-0: CVE-2024-3933: java-10-openjdk,java-11-openjdk,java-17-openjdk,java-1_7_0-openjdk,java-1_8_0-ibm,java-1_8_0-openj9,java-1_8_0-openjdk,java-21-openjdk,java-9-openjdk: In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when run ...
Status: NEW
Alias: CVE-2024-3933
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Priority: P3 - Medium, Severity: Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/407832/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-3933:5.3:(AV:L...
Reported: 2024-05-28 11:50 UTC by SMASH SMASH
Modified: 2024-06-24 18:24 UTC
Found By: Security Response Team
Description SMASH SMASH 2024-05-28 11:50:58 UTC
In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage [1], could allow access to a buffer with an incorrect length value when executing an arraycopy sequence while the Concurrent Scavenge Garbage Collection cycle is active and the source and destination memory regions for arraycopy overlap. This allows read and write to addresses beyond the end of the array range.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-3933
https://www.cve.org/CVERecord?id=CVE-2024-3933
https://github.com/eclipse/omr/pull/7275
https://gitlab.eclipse.org/security/cve-assignement/-/issues/21
Comment 1 Fridrich Strba 2024-05-28 20:04:29 UTC
Last week, the java-N-openj9 versions based on OpenJ9 0.44.0 went into Factory and SLE-15-SP2. Reassigning to security for closing.
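
A triage check for the conditions named in the description (OpenJ9 release after 0.13.0 and prior to 0.44.0, IBM Z, `-Xgc:concurrentScavenge` set), as an added example that is not part of the bug report or of OpenJ9. The function names and result labels are hypothetical, the `java -version` sample is constructed, and the version bounds are read as exclusive, following the wording of the description.

```python
import re

# Bounds taken from the description: affected releases are after 0.13.0
# and prior to 0.44.0 (both read as exclusive, following its wording).
LOWER, FIXED = (0, 13, 0), (0, 44, 0)
BUILD_RE = re.compile(r"build openj9-(\d+)\.(\d+)\.(\d+)")
# Environment variables from which OpenJ9 picks up extra JVM options.
OPTION_ENV_VARS = ("OPENJ9_JAVA_OPTIONS", "IBM_JAVA_OPTIONS", "JAVA_TOOL_OPTIONS")


def openj9_version(java_version_output):
    """Return the OpenJ9 release as a tuple, or None for a non-OpenJ9 JVM."""
    m = BUILD_RE.search(java_version_output)
    return tuple(int(p) for p in m.groups()) if m else None


def concurrent_scavenge_requested(argv, env=None):
    """True if any -Xgc: option (command line or env) lists concurrentScavenge."""
    tokens = list(argv)
    for name in OPTION_ENV_VARS:
        tokens += (env or {}).get(name, "").split()
    return any(
        tok.startswith("-Xgc:") and "concurrentScavenge" in tok[5:].split(",")
        for tok in tokens
    )


def triage(java_version_output, arch, argv, env=None):
    """Classify one JVM process against the conditions in the description."""
    version = openj9_version(java_version_output)
    if version is None:
        return "not-openj9"
    if not (LOWER < version < FIXED):
        return "version-not-affected"
    if arch != "s390x":  # IBM Z as reported by `uname -m`
        return "platform-not-affected"
    if concurrent_scavenge_requested(argv, env):
        return "exposed"
    return "affected-version-option-not-set"


# Constructed sample, modelled on `java -version` output from an OpenJ9 build.
SAMPLE = (
    'openjdk version "17.0.9" 2023-10-17\n'
    "Eclipse OpenJ9 VM (build openj9-0.41.0, JRE 17 Linux s390x-64-Bit "
    "Compressed References 20231017_000 (JIT enabled, AOT enabled)\n"
)

if __name__ == "__main__":
    print(triage(SAMPLE, "s390x", ["java", "-Xgc:concurrentScavenge", "-jar", "app.jar"]))
```

The check does not confirm guarded-storage hardware support and does not follow options supplied through an `-Xoptionsfile`, so an "affected-version-option-not-set" result still calls for updating to a 0.44.0-based package.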