PT-2025-20595 · Oracle+4 · Openjdk+4

Published

2025-05-09

Updated

2025-09-05

CVE-2025-4447

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Eclipse OpenJ9 versions up to 0.51

Description A stack-based buffer overflow can occur when Eclipse OpenJ9 is used with OpenJDK version 8, by modifying a file on disk that is read when the JVM starts.

Recommendations For Eclipse OpenJ9 versions up to 0.51, update to a version later than 0.51 to resolve the issue. As a temporary workaround, consider restricting access to files on disk that are read by the JVM at startup to minimize the risk of exploitation.

Fix

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

CESA-2025_8431

CVE-2025-4447

OPENSUSE-SU-2025:15231-1

OPENSUSE-SU-2025_01788-1

RHSA-2025:8431

RHSA-2025_8431

SUSE-SU-2025:01770-1

SUSE-SU-2025:01788-1

SUSE-SU-2025:01954-1

SUSE-SU-2025_01770-1

SUSE-SU-2025_01788-1

Affected Products

Centos

Eclipse Openj9

Openjdk

Red Hat

Suse

PT-2025-20595 · Oracle+4 · Openjdk+4

CVE-2025-4447

Weakness Enumeration

Related Identifiers

Affected Products

References · 27