In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.
When a Java application uses the Java Native Interface (JNI) to call code written in another programming language, it can expose the application to weaknesses in that code, even if those weaknesses cannot occur in Java.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openj9 | Eclipse | 0.11.0 (including) | 0.11.0 (including) |
Red Hat Enterprise Linux 6 Supplementary | RedHat | java-1.8.0-ibm-1:1.8.0.5.30-1jpp.1.el6_10 | * |
Red Hat Enterprise Linux 7 Supplementary | RedHat | java-1.8.0-ibm-1:1.8.0.5.30-1jpp.1.el7 | * |
Red Hat Enterprise Linux 8 | RedHat | java-1.8.0-ibm-1:1.8.0.5.35-3.el8_0 | * |
Red Hat Satellite 5.8 | RedHat | java-1.8.0-ibm-1:1.8.0.5.30-1jpp.1.el6_10 | * |