Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 352035 (CVE-2010-4351) - <dev-java/icedtea6-bin-1.9.4 JNLP security manager bypass (CVE-2010-4351)
Summary: <dev-java/icedtea6-bin-1.9.4 JNLP security manager bypass (CVE-2010-4351)
Status: RESOLVED FIXED
Alias: CVE-2010-4351
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: C2 [glsa]
Keywords:
Depends on:
Blocks: icedtea-tracker java-security 346799 CVE-2011-0025
  Show dependency tree
 
Reported: 2011-01-18 14:57 UTC by Andrew John Hughes
Modified: 2014-06-29 15:28 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew John Hughes 2011-01-18 14:57:20 UTC
http://blog.fuseyism.com/index.php/2011/01/18/security-icedtea6-177-184-194-released/

Updated ebuilds in java-overlay.

Reproducible: Always
Comment 1 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2011-01-18 18:03:00 UTC
Quoting $URL:
It was discovered that the JNLPSecurityManager in certain cases failed to
properly implement the security policy, and did not throw an exception to
prevent completion of a possibly unsafe or sensitive operation and simply
returned from the checkPermission method. 

Any service relying on the SecurityManager.checkPermission() method to throw an
exception then incorrectly assumed that the permission was granted.
Comment 2 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2011-01-21 00:23:02 UTC
(In reply to comment #0)
> Updated ebuilds in java-overlay.

In tree as well, for the source dev-java/icedtea package. Now building icedtea6-bin.
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2011-01-21 11:16:45 UTC
CVE-2010-4351 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4351):
  The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7,
  1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from
  the checkPermission method instead of throwing an exception in
  certain circumstances, which might allow context-dependent attackers
  to bypass the intended security policy by creating instances of
  ClassLoader.

Comment 4 hhaamu 2011-01-21 13:41:45 UTC
The version bump for dev-java/icedtea caused bug 352314
Comment 5 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2011-01-21 23:35:36 UTC
Done, please stabilize dev-java/icedtea6-bin-1.9.4
Comment 6 Christian Faulhammer (RETIRED) gentoo-dev 2011-01-22 09:13:27 UTC
x86 stable
Comment 7 Agostino Sarubbo gentoo-dev 2011-01-22 13:26:47 UTC
amd64 ok
Comment 8 Markos Chandras (RETIRED) gentoo-dev 2011-01-22 17:56:42 UTC
amd64 done. Thanks Agostino
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2011-01-22 21:32:27 UTC
Thanks, folks. Added to existing GLSA request.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2014-06-29 15:28:34 UTC
This issue was resolved and addressed in
 GLSA 201406-32 at http://security.gentoo.org/glsa/glsa-201406-32.xml
by GLSA coordinator Mikle Kolyada (Zlogene).