Out-of-bounds Write Affecting java-11-openjdk-jmods-fastdebug package, versions <1:11.0.25.0.9-2.el9
Threat Intelligence
EPSS
0.04% (6th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-ALMALINUX9-JAVA11OPENJDKJMODSFASTDEBUG-8233073
- published 18 Oct 2024
- disclosed 16 Oct 2024
Introduced: 16 Oct 2024
New CVE-2023-48161 Open this link in a new tabHow to fix?
Upgrade AlmaLinux:9 java-11-openjdk-jmods-fastdebug to version 1:11.0.25.0.9-2.el9 or higher.
This issue was patched in ALSA-2024:8121.
NVD Description
Note: Versions mentioned in the description apply only to the upstream java-11-openjdk-jmods-fastdebug package and not the java-11-openjdk-jmods-fastdebug package as distributed by AlmaLinux.
See How to fix? for AlmaLinux:9 relevant fixed versions and status.
Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c
References
- https://errata.almalinux.org/8/ALSA-2024-8117.html
- https://errata.almalinux.org/9/ALSA-2024-8117.html
- https://errata.almalinux.org/9/ALSA-2024-8121.html
- https://errata.almalinux.org/9/ALSA-2024-8124.html
- https://errata.almalinux.org/9/ALSA-2024-8127.html
- https://access.redhat.com/security/cve/CVE-2023-48161
- https://access.redhat.com/errata/RHSA-2024:8117
- https://access.redhat.com/errata/RHSA-2024:8121
- https://access.redhat.com/errata/RHSA-2024:8124
- https://access.redhat.com/errata/RHSA-2024:8127
- https://github.com/tacetool/TACE#cve-2023-48161
- https://sourceforge.net/p/giflib/bugs/167/
CVSS Scores
version 3.1