## Critical Out-of-Bounds Read Vulnerability in RHEL 9's Java 17 OpenJDK (LIBPNG)
A critical out-of-bounds read vulnerability has been identified within the `java-17-openjdk-headless` package for Red Hat Enterprise Linux 9. The flaw, tracked as SNYK-RHEL9-JAVA17OPENJDKHEADLESS-14136452, stems from a defect in the upstream LIBPNG library, a core component for processing PNG image files. This vulnerability allows for potential memory corruption and information disclosure when processing specially crafted palette images with a specific optimization flag enabled, posing a direct security risk to any application relying on this Java runtime.

The vulnerability resides in the `png_image_read_composite` function of LIBPNG versions 1.6.0 through 1.6.50. When the `PNG_FLAG_OPTIMIZE_ALPHA` flag is active, the palette compositing code in `png_init_read_transformations` incorrectly applies background compositing during premultiplication. This error violates a fundamental PNG API invariant, leading to an out-of-bounds read. The upstream LIBPNG project has already patched this issue in version 1.6.51.

For RHEL 9 users, the risk is specifically tied to the downstream `java-17-openjdk-headless` package. Red Hat has addressed the flaw in advisory RHSA-2026:0927. The immediate remediation is to upgrade the affected package to version `1:17.0.18.0.8-1.el9` or higher. This vulnerability underscores the persistent security challenges in foundational software libraries and the critical importance of timely patching cycles within enterprise Linux distributions to mitigate potential exploitation vectors.
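As an added example, not code from the advisory or from Red Hat's tooling: a Python check that decides whether an installed `java-17-openjdk-headless` build sorts below the fixed `1:17.0.18.0.8-1.el9`, using rpm's epoch:version-release ordering (a simplified rpmvercmp that does not handle `^`). The sample `rpm -q` output and the `17.0.17.0.10` build in it are constructed; on a real host feed it the output of `rpm -q --qf '%{NAME} %{EPOCH}:%{VERSION}-%{RELEASE}\n' java-17-openjdk-headless`.

```python
import re
# Fixed build (epoch:version-release) named in RHSA-2026:0927 for RHEL 9.
FIXED_EVR = "1:17.0.18.0.8-1.el9"
PACKAGE = "java-17-openjdk-headless"
# Constructed sample of `rpm -q --qf '%{NAME} %{EPOCH}:%{VERSION}-%{RELEASE}\n'` output;
# the 17.0.17.0.10 build is an assumed pre-fix version, not one named by the advisory.
SAMPLE_RPM_OUTPUT = """\
java-17-openjdk-headless 1:17.0.17.0.10-1.el9
java-17-openjdk-headless 1:17.0.18.0.8-1.el9
"""
_SEG = re.compile(r"[0-9]+|[A-Za-z]+|~")  # rpm compares digit runs, letter runs and '~' separately

def rpmvercmp(a, b):
    """rpm's segment ordering: numbers beat letters, '~' sorts before anything ('^' not handled)."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x == y:
            continue
        if "~" in (x, y):  # a tilde segment is older than any other segment
            return -1 if x == "~" else 1
        if x.isdigit() and y.isdigit():
            c = (int(x) > int(y)) - (int(x) < int(y))
        elif x.isdigit() or y.isdigit():  # a numeric segment is newer than an alphabetic one
            c = 1 if x.isdigit() else -1
        else:
            c = (x > y) - (x < y)
        if c:
            return c
    if len(sa) == len(sb):
        return 0
    longer_is_a = len(sa) > len(sb)
    rest = sa[len(sb):] if longer_is_a else sb[len(sa):]
    newer = longer_is_a != (rest[0] == "~")  # leftover segments win unless they start with '~'
    return 1 if newer else -1

def split_evr(evr):
    """'epoch:version-release' -> parts; a missing or '(none)' epoch counts as 0."""
    epoch, _, rest = evr.partition(":") if ":" in evr else ("0", "", evr)
    version, _, release = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return ("0" if epoch == "(none)" else epoch), version, release

def compare_evr(a, b):  # -1, 0 or 1 like rpmdev-vercmp: epoch first, then version, then release
    return next((c for c in map(rpmvercmp, split_evr(a), split_evr(b)) if c), 0)

def is_vulnerable(installed_evr):  # True when the installed build sorts below the fixed build
    return compare_evr(installed_evr, FIXED_EVR) < 0

def assess(rpm_output):  # map each installed EVR of the affected package to True (vulnerable)/False
    return {evr: is_vulnerable(evr) for name, _, evr in
            (line.strip().partition(" ") for line in rpm_output.splitlines()) if name == PACKAGE and evr}
```

The epoch (`1:`) takes precedence over the version, so an EVR queried without `%{EPOCH}` sorts below the fixed build and is reported as vulnerable; always include it in the query format.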

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: CVE, RHEL, Java, OpenJDK, LIBPNG
- **Credibility**: unverified
- **Published**: 2026-04-06 05:26:56
- **ID**: 51046
- **URL**: https://whisperx.ai/en/intel/51046