Eclipse OpenJ9 possible infinite busy hang
CVE-2023-5676

4.1 MEDIUM

Key Information:

CVE Published: 15 November 2023

What is CVE-2023-5676?

In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.

Affected Version(s)

OpenJ9 0 < 0.41.0

CVSS V3.1

Score: 4.1
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Unchanged
