Updated OpenJDK to Version 1.8.0.422 (MINDBREEZE32044)

ID: MINDBREEZE32044
Affected Components: Mindbreeze InSpire G7, Mindbreeze InSpire SaaS
Severity: 7.4 HIGH
Status: Final
First published: September 04, 2024
CVEs: CVE-2024-21147 CVE-2024-21140 CVE-2024-21145 CVE-2024-21011 CVE-2024-21068 CVE-2024-21094 CVE-2024-21131 CVE-2024-21138

Summary

CVE-2024-21011 java-1.8.0-openjdk: long Exception message leading to crash
CVE-2024-21068 java-1.8.0-openjdk: integer overflow in C1 compiler address generation
CVE-2024-21094 java-1.8.0-openjdk: C2 compilation fails with "Exceeded _node_regs array
CVE-2024-21131 java-1.8.0-openjdk: potential UTF8 size overflow
CVE-2024-21138 java-1.8.0-openjdk: Excessive symbol length can lead to infinite loop
CVE-2024-21140 java-1.8.0-openjdk: Range Check Elimination (RCE) pre-loop limit overflow
CVE-2024-21145 java-1.8.0-openjdk: Out-of-bounds access in 2D image handling
CVE-2024-21147 java-1.8.0-openjdk: RangeCheckElimination array index overflow

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:

Mindbreeze InSpire SaaS 24.5 Release
Mindbreeze InSpire 24.5 Release

Updated OpenJDK to Version 1.8.0.422 (MINDBREEZE32044)

Summary

Social Media

Security

Support

Newsletter

Language