Arch Linux Security Advisory ASA-201501-19 ========================================== Severity: Critical Date : 2015-01-23 CVE-ID : CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0403 CVE-2015-0406 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0413 Package : jre7-openjdk Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package jre7-openjdk before version 7.u75_2.5.4-1 is vulnerable to multiple issues including bug not limited to arbitrary code execution, information disclosure, denial of service, privilege escalation and man-in-the-middle. Resolution ========== Upgrade to 7.u75_2.5.4-1. # pacman -Syu "jre7-openjdk>=7.u75_2.5.4-1" The problems have been fixed upstream in version 7.u75. Workaround ========== None. Description =========== - CVE-2014-3566 (man-in-the-middle) Nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. - CVE-2014-6585 (out-of-bounds read) Allows remote attackers to affect confidentiality via font parsing out-of-bounds read related to 2D. - CVE-2014-6587 (privilege escalation) MulticastSocket NULL pointer dereference allows local users to affect confidentiality, integrity, and availability. - CVE-2014-6591 (out-of-bounds read) Allows remote attackers to affect confidentiality via font parsing out-of-bounds read related to 2D. - CVE-2014-6593 (man-in-the-middle) Incorrect tracking of ChangeCipherSpec during SSL/TLS handshake allows remote attackers to affect confidentiality and integrity. - CVE-2014-6601 (arbitrary code execution) Class verifier insufficient invokespecial calls verification related to Hotspot allows remote attackers to affect confidentiality, integrity, and availability. - CVE-2015-0383 (denial of service) Insecure hsperfdata temporary file handling related to Hotspot allows local users to affect integrity and availability. - CVE-2015-0395 (arbitrary code execution) Phantom references handling issue in garbage collector related to Hotspot allows remote attackers to affect confidentiality, integrity, and availability. - CVE-2015-0400 (information disclosure) Successful unauthenticated network attacks via multiple protocols can result in unauthorized read access to a subset of Java SE accessible data. - CVE-2015-0403 (arbitrary code execution) Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. - CVE-2015-0406 (information disclosure) Successful unauthenticated network attacks via multiple protocols can result in unauthorized read access to a subset of accessible data and ability to cause a partial denial of service. - CVE-2015-0407 (information disclosure) Directory information leak via file chooser related to Swing allows remote attackers to affect confidentiality. - CVE-2015-0408 (arbitrary code execution) Incorrect context class loader use in RMI transport allows remote attackers to affect confidentiality, integrity, and availability. - CVE-2015-0410 (denial of service) DER decoder infinite loop allows remote attackers to affect availability. - CVE-2015-0412 (arbitrary code execution) Insufficient code privileges checks related to JAX-WS allows remote attackers to affect confidentiality, integrity, and availability. - CVE-2015-0413 (unauthorized modification) Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data. - CVE-2015-0421 (arbitrary code execution) Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. - CVE-2015-0437 (arbitrary code execution) Code generation issue related to Hotspot allows remote attackers to affect confidentiality, integrity, and availability. Impact ====== A remote attacker is able to perform arbitrary code execution, information disclosure, denial of service, privilege escalation and man-in-the-middle via various vulnerabilities. References ========== http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.... https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6585 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6587 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6591 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6593 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6601 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0383 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0395 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0400 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0403 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0406 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0407 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0408 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0410 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0412 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0413