USN-7997-1

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/notices/USN-7997-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7997-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-7997-1
Upstream
Related
Published
2026-02-02T18:10:02Z
Modified
2026-04-24T10:09:29.998424Z
Summary
openjdk-17-crac vulnerabilities
Details

It was discovered that the RMI component of CRaC JDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. (CVE-2026-21925)

Mingijung discovered that the AWT and JavaFX componenets of CRaC JDK 17 could run programs if Desktop.browse() was supplied a filename as a URI. An unauthenticated remote attacker could possibly use this issue to execute arbitrary code. (CVE-2026-21932)

Zhihui Chen discovered that the Networking component of CRaC JDK 17 was suceptible to a CRLF injection vulnerability via the HttpServer class. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. (CVE-2026-21933)

Ireneusz Pastusiak discovered that the Security component of CRaC JDK 17 failed to verify provided URIs point to a legitimate source when AIA is enabled. An unauthenticated remote attacker could possibly use this issue to redirect users to malicious hosts. (CVE-2026-21945)

In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information: https://openjdk.org/groups/vulnerability/advisories/2026-01-20

References

Affected packages

Ubuntu:25.10 / openjdk-17-crac

Package

Name
openjdk-17-crac
Purl
pkg:deb/ubuntu/openjdk-17-crac@17.0.18+8-0ubuntu1~25.10?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.0.18+8-0ubuntu1~25.10

Affected versions

17.*
17.0.14+7-0ubuntu1
17.0.15+6-0ubuntu1
17.0.16+8-0ubuntu1
17.0.17+10-0ubuntu1~25.10

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "17.0.18+8-0ubuntu1~25.10",
            "binary_name": "openjdk-17-crac-demo"
        },
        {
            "binary_version": "17.0.18+8-0ubuntu1~25.10",
            "binary_name": "openjdk-17-crac-jdk"
        },
        {
            "binary_version": "17.0.18+8-0ubuntu1~25.10",
            "binary_name": "openjdk-17-crac-jdk-headless"
        },
        {
            "binary_version": "17.0.18+8-0ubuntu1~25.10",
            "binary_name": "openjdk-17-crac-jre"
        },
        {
            "binary_version": "17.0.18+8-0ubuntu1~25.10",
            "binary_name": "openjdk-17-crac-jre-headless"
        },
        {
            "binary_version": "17.0.18+8-0ubuntu1~25.10",
            "binary_name": "openjdk-17-crac-jre-zero"
        },
        {
            "binary_version": "17.0.18+8-0ubuntu1~25.10",
            "binary_name": "openjdk-17-crac-source"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7997-1.json"
cves_map 
{
    "ecosystem": "Ubuntu:25.10",
    "cves": []
}