CVE-2024-27267

Published: Aug 14, 2024Modified: Sep 29, 2025

5.9

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads.

Affected (2)

Products: Ibm: Java Sdk

Ibm

1 product

Java Sdk

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Java Sdk	From 7.1.0.0 to 7.1.5.18
Ibm Java Sdk	From 8.0.0.0 to 8.0.8.26

Related CWEs

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (1)

https://www.ibm.com/support/pages/node/7165421

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.