PT-2024-16639 · Eclipse+2 · Eclipse Openj9+2
Published: 2024-11-11 · Updated: 2025-04-25 · CVE-2024-10917
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Eclipse OpenJ9 versions up to 0.47
Description
The JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From version 0.48, the value is correct but may be truncated to include a smaller number of characters.
Recommendations
For Eclipse OpenJ9 versions up to 0.47, update to version 0.48 or later to resolve the issue. As a temporary workaround, consider implementing input validation to handle potential incorrect values returned by the GetStringUTFLength function until a patch is available.
Fix
Integer Overflow
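One way to implement the input validation suggested under Recommendations, as an added example that is not OpenJ9 code: native code checks the UTF-16 length (what GetStringLength reports) against a worst-case bound before trusting a 32-bit jsize UTF-8 length. The function names and the sample string are assumptions, and wrapped_32 only models a 32-bit wrap-around rather than reproducing the OpenJ9 implementation.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: 'A', U+0000, U+00E9, U+20AC, and one surrogate pair. */
static const uint16_t SAMPLE[] = { 0x0041, 0x0000, 0x00E9, 0x20AC, 0xD83D, 0xDC7E };

/* Bytes one UTF-16 code unit occupies in JNI modified UTF-8: U+0000 takes
 * two bytes, and each surrogate is encoded separately as three bytes. */
static unsigned mutf8_unit_bytes(uint16_t c) {
    if (c >= 0x0001 && c <= 0x007F) return 1;
    if (c <= 0x07FF) return 2;          /* U+0000 and U+0080..U+07FF */
    return 3;
}

/* Exact modified UTF-8 length, summed in 64 bits so the total cannot wrap. */
uint64_t mutf8_length(const uint16_t *chars, size_t n) {
    uint64_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += mutf8_unit_bytes(chars[i]);
    return total;
}

/* Hypothetical guard: with utf16_len code units, the UTF-8 length is at most
 * 3 * utf16_len, so the result is representable in jsize (signed 32-bit)
 * whenever that bound is. Reject or chunk the string when this returns 0. */
int utf_length_fits_jsize(int32_t utf16_len) {
    return utf16_len >= 0 && (uint64_t)utf16_len * 3u <= (uint64_t)INT32_MAX;
}

/* Illustration only: the value a 32-bit counter holds once the true length
 * has wrapped (an assumed model of the symptom, not the OpenJ9 source). */
uint32_t wrapped_32(uint64_t true_len) {
    return (uint32_t)true_len;
}

int main(void) {
    uint64_t big = 1500000000ULL * 3;   /* 1.5e9 three-byte code units */
    printf("sample length: %llu bytes\n",
           (unsigned long long)mutf8_length(SAMPLE, sizeof SAMPLE / sizeof SAMPLE[0]));
    printf("true %llu -> 32-bit %u\n", (unsigned long long)big, (unsigned)wrapped_32(big));
    printf("fits for 715827882 units: %d, for 715827883: %d\n",
           utf_length_fits_jsize(715827882), utf_length_fits_jsize(715827883));
    return 0;
}
```

A wrapped length can be a small positive number, so a sign check on the returned value is not sufficient; the bound on the UTF-16 length is what rules the wrap out.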
Weakness Enumeration
Related Identifiers
Affected Products
Eclipse OpenJ9
IBM AIX
SUSE