CVE-2019-17639
Description
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the methods declared return type.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.632
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in IBM Tivoli Monitoring 6.3.0 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 10.6 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.2 | Windows |
| Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.10 | Windows |
| Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.7 | Windows |
| Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.8 | Windows |
| Multiple Vulnerabilities are affected in IBM Operational Decision Manager 8.9 | Windows |
| Multiple Vulnerabilities are affected in IBM Tivoli Application Dependency Discovery Manager 7.3.0.7 | Windows |
| Multiple Vulnerabilities are affected in IBM TXSeries for Multiplatforms 8.2.0.2 | Windows |
| Multiple Vulnerabilities are affected in IBM TXSeries for Multiplatforms 9.1.0.1 | Windows |
| (RHSA-2020:3386) java-1.8.0-ibm security update java-1.8.0-ibm-1.8.0.6.15-1.el8_2.x86_64.rpm | Linux |
| (RHSA-2020:3386) java-1.8.0-ibm security update java-1.8.0-ibm-demo-1.8.0.6.15-1.el8_2.x86_64.rpm | Linux |
| (RHSA-2020:3386) java-1.8.0-ibm security update java-1.8.0-ibm-devel-1.8.0.6.15-1.el8_2.x86_64.rpm | Linux |
| (RHSA-2020:3386) java-1.8.0-ibm security update java-1.8.0-ibm-headless-1.8.0.6.15-1.el8_2.x86_64.rpm | Linux |
| (RHSA-2020:3386) java-1.8.0-ibm security update java-1.8.0-ibm-jdbc-1.8.0.6.15-1.el8_2.x86_64.rpm | Linux |
| (RHSA-2020:3386) java-1.8.0-ibm security update java-1.8.0-ibm-plugin-1.8.0.6.15-1.el8_2.x86_64.rpm | Linux |
| (RHSA-2020:3386) java-1.8.0-ibm security update java-1.8.0-ibm-src-1.8.0.6.15-1.el8_2.x86_64.rpm | Linux |
| (RHSA-2020:3386) java-1.8.0-ibm security update java-1.8.0-ibm-webstart-1.8.0.6.15-1.el8_2.x86_64.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el6_10.i686.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el6_10.x86_64.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el6_10.i686.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el6_10.x86_64.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el6_10.i686.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el6_10.x86_64.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-jdbc-1.7.1.4.70-1jpp.1.el6_10.i686.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-jdbc-1.7.1.4.70-1jpp.1.el6_10.x86_64.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-plugin-1.7.1.4.70-1jpp.1.el6_10.i686.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-plugin-1.7.1.4.70-1jpp.1.el6_10.x86_64.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el6_10.i686.rpm | Linux |
| (RHSA-2020:3387) java-1.7.1-ibm security update java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el6_10.x86_64.rpm | Linux |
| (RHSA-2020:3388) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.70-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:3388) java-1.7.1-ibm security update java-1.7.1-ibm-demo-1.7.1.4.70-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:3388) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.70-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:3388) java-1.7.1-ibm security update java-1.7.1-ibm-jdbc-1.7.1.4.70-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:3388) java-1.7.1-ibm security update java-1.7.1-ibm-plugin-1.7.1.4.70-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:3388) java-1.7.1-ibm security update java-1.7.1-ibm-src-1.7.1.4.70-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:5585) java-1.8.0-ibm security update java-1.8.0-ibm-1.8.0.6.20-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:5585) java-1.8.0-ibm security update java-1.8.0-ibm-demo-1.8.0.6.20-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:5585) java-1.8.0-ibm security update java-1.8.0-ibm-devel-1.8.0.6.20-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:5585) java-1.8.0-ibm security update java-1.8.0-ibm-jdbc-1.8.0.6.20-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:5585) java-1.8.0-ibm security update java-1.8.0-ibm-plugin-1.8.0.6.20-1jpp.1.el7.x86_64.rpm | Linux |
| (RHSA-2020:5585) java-1.8.0-ibm security update java-1.8.0-ibm-src-1.8.0.6.20-1jpp.1.el7.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234