Fluid Attacks Database

Description

A vulnerability was found in OpenJDK. This issue occurs in the ciMethodBlocks::make_block_at function in OpenJDK (HotSpot VM) 8 (11 and 17 are fixed starting from 11.0.17 and 17.0.5 respectively), and may allow an attacker to cause a denial of service.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel8	java-1.8.0-openjdk	<1:1.8.0.392.b08-4.el8	1:1.8.0.392.b08-4.el8
rpm rhel8.6	java-1.8.0-openjdk	<1:1.8.0.392.b08-2.el8_6	1:1.8.0.392.b08-2.el8_6
rpm rhel9	java-1.8.0-openjdk	<1:1.8.0.392.b08-3.el9	1:1.8.0.392.b08-3.el9
rpm rhel9.0	java-1.8.0-openjdk	<1:1.8.0.392.b08-2.el9_0	1:1.8.0.392.b08-2.el9_0

Aliases

1. CVE-2022-404332. NVD-2022-404333. OSV-2022-40433

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.