SUSE-SU-2025:01954-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-202501954-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:01954-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:01954-1
Upstream
  • CVE-2025-4447
Related
Published
2025-06-13T13:56:03Z
Modified
2025-06-14T13:01:21.290759Z
Summary
Security update for java-1_8_0-openj9
Details

This update for java-180-openj9 fixes the following issues:

  • CVE-2025-4447: Fixed buffer overflow in Eclipse OpenJ9 (bsc#1243429).
  • CVE-2025-30698: Fixed 2D unauthorized data access and DoS (bsc#1241276).
  • CVE-2025-30691: Fixed Compiler Unauthorized Data Access (bsc#1241275).
  • CVE-2025-21587: Fixed unauthorized access, deletion or modification of critical data (bsc#1241274).

Other bugfixes:

  • Fixed wrong execstack flag in libj9jit (bsc#1235844)
References

Affected packages

SUSE:Linux Enterprise Module for Package Hub 15 SP6 / java-1_8_0-openj9

Package

Name
java-1_8_0-openj9
Purl
pkg:rpm/suse/java-1_8_0-openj9&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.452-150200.3.54.2

Ecosystem specific 

{
    "binaries": [
        {
            "java-1_8_0-openj9": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-src": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-accessibility": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-devel": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-demo": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-headless": "1.8.0.452-150200.3.54.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Package Hub 15 SP7 / java-1_8_0-openj9

Package

Name
java-1_8_0-openj9
Purl
pkg:rpm/suse/java-1_8_0-openj9&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.452-150200.3.54.2

Ecosystem specific 

{
    "binaries": [
        {
            "java-1_8_0-openj9": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-src": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-accessibility": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-devel": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-demo": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-headless": "1.8.0.452-150200.3.54.2"
        }
    ]
}

openSUSE:Leap 15.6 / java-1_8_0-openj9

Package

Name
java-1_8_0-openj9
Purl
pkg:rpm/opensuse/java-1_8_0-openj9&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.0.452-150200.3.54.2

Ecosystem specific 

{
    "binaries": [
        {
            "java-1_8_0-openj9-javadoc": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-src": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-accessibility": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-headless": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-devel": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9-demo": "1.8.0.452-150200.3.54.2",
            "java-1_8_0-openj9": "1.8.0.452-150200.3.54.2"
        }
    ]
}