Opened 14 months ago
Closed 14 months ago
#20968 closed enhancement (fixed)
jdk-23.0.2
| Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | elevated | Milestone: | 12.3 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version
Change History (4)
comment:1 by , 14 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 14 months ago
comment:3 by , 14 months ago
The security vulnerability resolved as CVE-2025-21502, in the Hotspot component. It's remotely exploitable without authentication over the network, and allows for unauthorized read/write access to data accessible to a running Java program. It's been marked as Medium because the attack complexity is very high.
comment:4 by , 14 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at ef17b2d1bf3fe2a88add9ba8791dc0a69810bba1
SA-12.2-070 issued
Note:
See TracTickets
for help on using tickets.
The 32-bit binary as well as jtreg have been uploaded to anduin. I'm currently finishing up the 64-bit binary