Back to search
CVE-2019-17639
Published: Jul 15, 2020
Modified: Aug 5, 2024
PUBLISHED
Description
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the method's declared return type.
| Vendor | Product | Versions |
|---|---|---|
The Eclipse Foundation | Eclipse OpenJ9 | affected <= 0.21 |
Weaknesses (CWE)
References
https://bugs.eclipse.org/bugs/show_bug.cgi?id=563998
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now