漏洞类别:Amazon Linux
漏洞等级: 
漏洞信息
Incorrect enforcement of certificate path restrictions:
It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198)
Insufficient access control checks in XML transformations (CVE-2017-10096)
Incorrect range checks in LambdaFormEditor (CVE-2017-10111)
Insufficient access control checks in AsynchronousChannelGroupImpl (CVE-2017-10090)
Incorrect key size constraint check (CVE-2017-10193)
Integer overflows in range check loop predicates (CVE-2017-10074)
PKCS#8 implementation timing attack:
A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135)
Incorrect handling of references in DGC:
It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102)
Insufficient access control checks in ImageWatched (CVE-2017-10110)
Unrestricted access to com.sun.org.apache.xml.internal.resolver (CVE-2017-10101)
DSA implementation timing attack:
A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115)
Insufficient access control checks in ActivationID (CVE-2017-10107)
LDAPCertStore following referrals to non-LDAP URLs:
It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116)
JAR verifier incorrect handling of missing digest (CVE-2017-10067)
QID Detection Logic:
This authenticated QID verifies if the version of the following files is lesser than 1.8.0.141-1.b16.32.amzn1: java-1.8.0-openjdk-debuginfo, java-1.8.0-openjdk-devel, java-1.8.0-openjdk-headless, java-1.8.0-openjdk, java-1.8.0-openjdk-demo, java-1.8.0-openjdk-src, java-1.8.0-openjdk-javadoc-zip, java-1.8.0-openjdk-javadoc
漏洞危害
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
解决方案
Please refer to Amazon advisory ALAS-2017-860 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
ALAS-2017-860: Amazon Linux (java-1.8.0-openjdk (1.8.0.141-1.b16.32.amzn1) on noarch)
ALAS-2017-860: Amazon Linux (java-1.8.0-openjdk (1.8.0.141-1.b16.32.amzn1) on x86_64)
ALAS-2017-860: Amazon Linux (java-1.8.0-openjdk (1.8.0.141-1.b16.32.amzn1) on src)
ALAS-2017-860: Amazon Linux (java-1.8.0-openjdk (1.8.0.141-1.b16.32.amzn1) on i686)
0daybank
文章评论