CVE-2024-27267

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions IBM SDK, Java Technology Edition versions 7.1.0.0 through 7.1.5.18 IBM SDK, Java Technology Edition versions 8.0.0.0 through 8.0.8.26

Description The Object Request Broker (ORB) in IBM SDK, Java Technology Edition is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads.

Recommendations For IBM SDK, Java Technology Edition versions 7.1.0.0 through 7.1.5.18, update to a version outside of this range to resolve the issue. For IBM SDK, Java Technology Edition versions 8.0.0.0 through 8.0.8.26, update to a version outside of this range to resolve the issue. As a temporary workaround, consider disabling the ORB listener threads until a patch is available.

Fix

DoS

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-300

Related Identifiers

CESA-2024_6595

CVE-2024-27267

OPENSUSE-SU-2024_3162-1

RHSA-2024:6595

RHSA-2024_6595

SUSE-SU-2024:3162-1

SUSE-SU-2024:3183-1

Affected Products

Centos

Ibm Aix

Ibm Sdk

Red Hat

Suse

CVE-2024-27267

Weakness Enumeration

Related Identifiers

Affected Products

References · 27