The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Java JRE: denial of service via a real

Synthesis of the vulnerability 

An attacker can use a special double floating point number, in order to create an infinite loop in Java programs.
Vulnerable software: Debian, Fedora, HPE BAC, HPE NNMi, OpenView, OpenView NNM, Tru64 UNIX, HP-UX, AIX, Db2 UDB, Tivoli Directory Server, Tivoli Storage Manager, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, JBoss AS OpenSource, Mandriva Linux, NLD, OES, Java OpenJDK, openSUSE, Oracle iPlanet Web Server, Java Oracle, Oracle Web Tier, RHEL, JBoss EAP by Red Hat, SLES.
Severity of this announcement: 3/4.
Creation date: 02/02/2011.
References of this computer vulnerability: 1468291, BID-46091, c02729756, c02738573, c02746026, c02752210, c02775276, c02826781, c02906075, c03090723, c03316985, CERTA-2002-AVI-271, CERTA-2012-AVI-286, cpuapr2011, CVE-2010-4476, DSA-2161-1, DSA-2161-2, FEDORA-2011-1231, FEDORA-2011-1263, HPSBMU02690, HPSBTU02684, HPSBUX02633, HPSBUX02641, HPSBUX02642, HPSBUX02645, HPSBUX02685, HPSBUX02725, HPSBUX02777, IZ94331, javacpufeb2011, MDVSA-2011:054, openSUSE-SU-2011:0126-1, PM32175, PM32177, PM32184, PM32192, PM32194, RHSA-2011:0210-01, RHSA-2011:0211-01, RHSA-2011:0212-01, RHSA-2011:0213-01, RHSA-2011:0214-01, RHSA-2011:0282-01, RHSA-2011:0290-01, RHSA-2011:0291-01, RHSA-2011:0292-01, RHSA-2011:0299-01, RHSA-2011:0333-01, RHSA-2011:0334-01, RHSA-2011:0336-01, RHSA-2011:0348-01, RHSA-2011:0349-01, RHSA-2011:0880-01, SSRT100387, SSRT100390, SSRT100412, SSRT100415, SSRT100505, SSRT100569, SSRT100627, SSRT100854, SUSE-SA:2011:010, SUSE-SA:2011:014, SUSE-SR:2011:008, SUSE-SU-2011:0823-1, swg21469266, swg24030066, swg24030067, VIGILANCE-VUL-10321.

Description of the vulnerability 

The number 2.2250738585072011e-308 is the "largest subnormal double number" (in base 2: 0x0fffffffffffff x 2^-1022).

On an x86 processor, the Java JRE uses the x87 FPU registers (80 bit) to find, bit by bit, the closest real value. This loop stops when the remainder is smaller than the precision. However, with the number 2.225..., this stop condition is never true (80 bit rounded to 64 bit), and an infinite loop occurs.

An attacker can therefore use a special double floating point number, in order to create an infinite loop in Java programs.
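
For systems that cannot be patched at once, one way to screen already-decoded input text for decimal literals whose exact value lies between the largest subnormal double and the smallest normal double, whatever notation is used to write them. This is an added example, not code from Vigil@nce or from a vendor; the function names and the 512-character cap are assumptions, and the check covers the whole gap between the two adjacent doubles rather than only the single value quoted above.

```python
import re
from decimal import Decimal, InvalidOperation
from fractions import Fraction

# Exact values of the two adjacent doubles that bracket the number in the text.
LARGEST_SUBNORMAL = Fraction(2**52 - 1, 2**1074)   # ~2.2250738585072009e-308
SMALLEST_NORMAL = Fraction(1, 2**1022)             # ~2.2250738585072014e-308
MAX_TOKEN = 512  # assumed cap; longer numeric tokens are flagged outright

# Decimal literals only; hexadecimal floating-point literals are out of scope.
NUMBER = re.compile(r"(?:[0-9]+\.?[0-9]*|\.[0-9]+)(?:[eE][+-]?[0-9]+)?")


def is_risky_literal(token):
    """True if the literal's exact magnitude lies between the two doubles."""
    if len(token) > MAX_TOKEN:
        return True          # fail closed: zero padding could hide the value
    try:
        d = Decimal(token)   # exact conversion, no rounding
    except InvalidOperation:
        return False         # exponent far too large to be near 1e-308
    if d.adjusted() != -308:
        return False         # cheap magnitude test before the exact arithmetic
    return LARGEST_SUBNORMAL <= Fraction(d) <= SMALLEST_NORMAL


def find_risky_literals(text):
    """Return every numeric literal in text that falls in the risky gap."""
    return [m.group(0) for m in NUMBER.finditer(text)
            if is_risky_literal(m.group(0))]


if __name__ == "__main__":
    # Constructed sample inputs (not taken from real traffic).
    for sample in ("price=9.99&qty=3",
                   "scale=22.250738585072011e-309",
                   "q=0.8, x=2.2250738585072014e-308"):
        print(sample, "->", find_risky_literals(sample))
```

Matching on the exact value rather than on the digit string means that shifting the decimal point, adding leading zeros or changing the exponent does not bypass the check.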

The origin of this vulnerability is the same as VIGILANCE-VUL-10257.

This computer threat note impacts software or systems such as Debian, Fedora, HPE BAC, HPE NNMi, OpenView, OpenView NNM, Tru64 UNIX, HP-UX, AIX, Db2 UDB, Tivoli Directory Server, Tivoli Storage Manager, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, JBoss AS OpenSource, Mandriva Linux, NLD, OES, Java OpenJDK, openSUSE, Oracle iPlanet Web Server, Java Oracle, Oracle Web Tier, RHEL, JBoss EAP by Red Hat, SLES.

Our Vigil@nce team determined that the severity of this weakness alert is important.

The trust level is of type confirmed by the editor, with an origin of document.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a beginner ability can exploit this computer weakness note.

Solutions for this threat 

Java JDK/JRE: version 6 Update 24.
The version 6 Update 24 is corrected:
  http://www.oracle.com/technetwork/java/javase/downloads/index.html

Java JDK/JRE: version 5.0 Update 28 Business.
The version 5.0 Update 28 Business is corrected:
  https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1231283.1
  http://www.oracle.com/us/technologies/java/java-for-business-071123.html

Java SDK/JRE: version 1.4.2_30 Business.
The version 1.4.2_30 Business is corrected:
  https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1231283.1
  http://www.oracle.com/us/technologies/java/java-for-business-071123.html

Java JRE: patch for real.
A patch is available:
  https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1291950.1
Java SE Floating Point Updater Tool:
  http://www.oracle.com/technetwork/java/javase/downloads/index.html#fpupdater

NNMi: patch for JDK.
A patch is available:
  NNMi 9.0x JDK b : QCCR1B87492
  NNMi 9.0x JDK nnm : QCCR1B87433
  NNMi 8.1x JDK b : QCCR1B87492
  NNMi 8.1x JDK nnm,nms : QCCR1B87491

Oracle iPlanet Web Server: CPU of April 2011.
A Critical Patch Update is available:
  http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1308128.1

AIX: patch for Java.
A patch is available:
  http://www.ibm.com/developerworks/java/jdk/alerts/cve-2010-4476.html

Debian: new openjdk-6 packages.
New packages are available:
  openjdk-6 6b18-1.8.3-2~lenny1
  openjdk-6 6b18-1.8.3-2+squeeze1

Fedora: new java-1.6.0-openjdk packages.
New packages are available:
  java-1.6.0-openjdk-1.6.0.0-50.1.8.6.fc13
  java-1.6.0-openjdk-1.6.0.0-52.1.9.6.fc14

HP Business Availability Center: patch for Java.
A patch is available:
  BAC v7.55 Solaris : BAC_00732
  BAC v7.55 Windows : BAC_00731
http://support.openview.hp.com/selfsolve/patches

HP OpenView NNM: solution for Java.
A workaround is to use FPUpdater:
  https://www.hp.com/go/java

HP Tru64 UNIX: workaround for Java floating point.
A workaround is to use FPUpdater (Floating Point Updater):
  http://h18012.www1.hp.com/java/alpha/fpupdater_index.html

HP-UX: corrected version of Apache Web Server.
The following version is corrected:
HP-UX Web Server Suite v.3.15 (Apache v2.2.15.05 + Tomcat-based Servlet Engine v5.5.30.04) :
  B.11.23 (32-bit) HPUXWS22ATW-B315-32
  B.11.23 (64-bit) HPUXWS22ATW-B315-64
  B.11.31 (32-bit) HPUXWS22ATW-B315-32
  B.11.31 (64-bit) HPUXWS22ATW-B315-64
HP-UX Web Server Suite v.2.33 (Apache v2.0.64.01 + Tomcat-based Servlet Engine v5.5.30.04) :
  B.11.11 HPUXWSATW-B233-1111
  B.11.23 (32-bit) HPUXWSATW-B233-1123-32-bit
  B.11.23 (64-bit) HPUXWSATW-B233-1123-64-bit
  B.11.31 (32-bit) HPUXWSATW-B233-1131-32-bit
  B.11.31 (64-bit) HPUXWSATW-B233-1131-64-bit
http://software.hp.com/

HP-UX: Java version 1.4.2.28.
Java version 1.4.2.28 is corrected:
  http://www.hp.com/go/java

HP-UX: Java versions 1.5.0.22.00 and 1.6.0.10.00.
Versions 1.5.0.22.00 and 1.6.0.10.00 are corrected:
  http://www.hp.com/go/java

HP-UX: Tomcat version 5.5.34.01.
The version Tomcat 5.5.34.01 is corrected (http://software.hp.com/):
  HP-UX B.11.23 HPUXWS22ATW-B320-64.depot
  HP-UX B.11.23 HPUXWS22ATW-B320-32.depot
  HP-UX B.11.31 HPUXWS22ATW-B320-64.depot
  HP-UX B.11.31 HPUXWS22ATW-B320-32.depot

HP-UX: update for Java.
The FPUpdater tool has to be used:
  https://www.hp.com/go/java

IBM DB2: version of JDK.
The following version is corrected:
  DB2 9.1 : JDK 5 SR12-FP2
  DB2 9.5 : JDK 5 SR12-FP2
  DB2 9.7 : JDK 6 SR9

IBM Tivoli Directory Server: version 6.1.0-TIV-ITDS-FP0006.
The version 6.1.0-TIV-ITDS-FP0006 is corrected:
  http://www-01.ibm.com/support/docview.wss?uid=swg24030208&myns=swgtiv&mynp=OCSSVJJU&mync=R&wv=1

IBM Tivoli Directory Server: version 6.2.0.3-TIV-ITDS-IF0003.
The version 6.2.0.3-TIV-ITDS-IF0003 is corrected:
  http://www-01.ibm.com/support/docview.wss?uid=swg24030067&myns=swgtiv&mynp=OCSSVJJU&mync=R

IBM Tivoli Directory Server: version 6.3.0.0-TIV-ITDS-IF0004.
The version 6.3.0.0-TIV-ITDS-IF0004 is corrected:
  http://www-01.ibm.com/support/docview.wss?uid=swg24030066&myns=swgtiv&mynp=OCSSVJJU&mync=R

IBM Tivoli Storage Manager: solution for Java.
A solution is available:
Tivoli Storage Manager :
  http://www-01.ibm.com/support/docview.wss?uid=swg21469266
Tivoli Storage Manager Extended Edition :
  http://www-01.ibm.com/support/docview.wss?uid=swg21469266
Tivoli Storage Manager FastBack :
  http://www-01.ibm.com/support/docview.wss?uid=swg21469209
Tivoli Storage Manager FastBack for Workstations :
  http://www-01.ibm.com/support/docview.wss?uid=swg21468271
Tivoli Storage Manager for Space Management :
  http://www-01.ibm.com/support/docview.wss?uid=swg21469266
Tivoli Storage Manager for Storage Area Networks :
  http://www-01.ibm.com/support/docview.wss?uid=swg21469266

IBM Tivoli System Automation: solution for Java.
A solution is available:
Tivoli System Automation Application Manager :
  http://www-01.ibm.com/support/docview.wss?uid=swg21468860
Tivoli System Automation for Integrated Operations Management :
  http://www-01.ibm.com/support/docview.wss?uid=swg21468861
Tivoli System Automation for Multiplatforms :
  http://www-01.ibm.com/support/docview.wss?uid=swg21468856
Tivoli System Automation for z/OS :
  http://www-01.ibm.com/support/docview.wss?uid=swg21468862

IBM Tivoli Workload Scheduler: solution for Java.
A solution is available:
Tivoli Workload Scheduler :
  http://www-01.ibm.com/support/docview.wss?uid=swg21468704
Tivoli Workload Scheduler for Applications :
  http://www-01.ibm.com/support/docview.wss?uid=swg21468709
Tivoli Workload Scheduler for z/OS :
  http://www-01.ibm.com/support/docview.wss?uid=swg21468747

IBM WebSphere MQ: solution for Java.
A solution is available:
  http://www-01.ibm.com/support/docview.wss?uid=swg21468521

JBoss Enterprise Web Server: new tomcat5 packages.
New packages are available:
JBoss Enterprise Web Server 1.0 for RHEL 4 :
  tomcat5-5.5.28-18_patch_03.ep5.el4
JBoss Enterprise Web Server 1.0 for RHEL 5 :
  tomcat5-5.5.28-12_patch_03.ep5.el5

JBoss Enterprise Web Server: new tomcat6 packages.
New packages are available:
JBoss Enterprise Web Server 1.0 for RHEL 4 :
  tomcat6-6.0.24-11.patch_03.ep5.el4
JBoss Enterprise Web Server 1.0 for RHEL 5 :
  tomcat6-6.0.24-11.patch_03.ep5.el5

JBoss: patch for Java.
A patch is available in information sources.

Mandriva: new java-1.6.0-openjdk packages.
New packages are available:
Mandriva Linux 2009.0:
  java-1.5.0-gcj-1.5.0.0-17.1.7.1mdv2009.0
  java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2009.0
Mandriva Linux 2010.0:
  java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.0
Mandriva Linux 2010.1:
  java-1.6.0-openjdk-1.6.0.0-7.b18.5mdv2010.2
Mandriva Enterprise Server 5:
  java-1.5.0-gcj-1.5.0.0-17.1.7.1mdv2009.0
  java-1.6.0-openjdk-1.6.0.0-7.b18.5mdvmes5.2

Red Hat Network Satellite: new java-1.6.0-ibm packages.
New packages are available:
  java-1.6.0-ibm-1.6.0.9.1-1jpp.1.el5

RHEL 4E, 5S, 6S: new java-ibm packages.
New packages are available:
Red Hat Enterprise Linux version 4 Extras:
  java-1.4.2-ibm-1.4.2.13.8-1jpp.4.el4
  java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el4
  java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el4
RHEL 4 AS for SAP:
  java-1.4.2-ibm-sap-1.4.2.13.8.sap-1jpp.2.el4_8
Red Hat Enterprise Linux version 5 Supplementary:
  java-1.4.2-ibm-1.4.2.13.8-1jpp.3.el5
  java-1.5.0-ibm-1.5.0.12.3-1jpp.2.el5
  java-1.6.0-ibm-1.6.0.9.0-1jpp.4.el5
RHEL 5 Server for SAP:
  java-1.4.2-ibm-sap-1.4.2.13.8.sap-1jpp.2.el5
Red Hat Enterprise Linux version 6 Supplementary:
  java-1.5.0-ibm-1.5.0.12.3-1jpp.3.el6
  java-1.6.0-ibm-1.6.0.9.0-1jpp.5.el6
Red Hat Enterprise Linux SAP (v. 6):
  java-1.4.2-ibm-sap-1.4.2.13.8.sap-1jpp.1.el6

RHEL 5, 6: new java-1.6.0-openjdk packages.
New packages are available:
Red Hat Enterprise Linux 5 :
  java-1.6.0-openjdk-1.6.0.0-1.18.b17.el5
Red Hat Enterprise Linux 6 :
  java-1.6.0-openjdk-1.6.0.0-1.36.b17.el6_0

RHEL 5: new tomcat5 packages.
New packages are available:
  tomcat5-*-5.5.23-0jpp.17.el5_6

RHEL: new java-1.6.0-sun packages.
New packages are available:
Red Hat Enterprise Linux version 4 Extras:
  java-1.6.0-sun-1.6.0.24-1jpp.1.el4
Red Hat Enterprise Linux version 5 Supplementary:
  java-1.6.0-sun-1.6.0.24-1jpp.1.el5
Red Hat Enterprise Linux version 6 Supplementary:
  java-1.6.0-sun-1.6.0.24-1jpp.1.el6

SUSE LE Java: new java-1_4_2-ibm-sap packages.
New packages are available, as indicated in information sources.

SUSE LE: new java-1_6_0-ibm, java-1_5_0-ibm, java-1_4_2-ibm packages.
New packages are available, as indicated in information sources.

SUSE: new java-1_6_0-sun packages.
New packages are available:
  openSUSE 11.2 : java-1_6_0-sun-1.6.0.u24-0.2.1
  openSUSE 11.3 : java-1_6_0-sun-1.6.0.u24-0.2.1
  SUSE Linux Enterprise Desktop 10 SP3 :
    http://download.novell.com/patch/finder/?keywords=8e9755f37706d7c7daa876e587e1bc55
  SUSE Linux Enterprise Desktop 11 SP1 :
    http://download.novell.com/patch/finder/?keywords=ec492a6f1adf3dd8d9f18616b737bdf6

SUSE: new libtiff packages (03/05/2011).
New packages are available, as indicated in information sources.

WebSphere AS: patch for SDK.
A patch is available in information sources.