These vulnerabilities may occur in Wind River–developed products or in execution environments in which Wind River products operate. Wind River is committed to active threat monitoring, rapid assessment and threat prioritization, proactive customer notification, and timely remediation.
| Notice | Summary | Products | Requirement | Release Date | Last Modify Date |
|---|---|---|---|---|---|
| Wind River Linux 7.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 7.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 7 | Recommended | Feb 21, 2016 | Feb 21, 2016 |
| Wind River Linux 8.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 8.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Feb 19, 2016 | Feb 21, 2016 |
| Wind River Linux Security Alert for ‘openssl security bug’ (CVE-2016-0701 & CVE-2015-3197) | Two CVE issue on openssl. CVE-2015-3197 effect on all WRL5~8 while CVE-2016-0701 only effect on WRL8. | Wind River Linux 8 | Recommended | Jan 28, 2016 | Feb 1, 2016 |
| Wind River Security Alert for CVE-2016-0728 | Wind River Security Alert for CVE-2016-0728 | Wind River Linux 5 | Recommended | Jan 21, 2016 | Jan 25, 2016 |
| Wind River Security Alert for 2 openssh vulnerabilities (CVE-2016-0777 and CVE-2016-0778) | Wind River Security Alert for 2 openssh vulnerabilities (CVE-2016-0777 and CVE-2016-0778) | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Jan 15, 2016 | Jan 15, 2016 |
| Wind River Security Alert for Logjam Attack | Wind River Security Alert for Logjam Attack | Wind River Linux 4, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | May 27, 2015 | May 29, 2015 |
| The leap second handling in WRLinux (update 07/22/2015) | The leap second handling in WRLinux | Linux Platforms 2.0, Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Feb 9, 2015 | Jul 22, 2015 |
| Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298) | Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298) | Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Feb 5, 2015 | Feb 5, 2015 |
| Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235) | Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235) | Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Jan 29, 2015 | Aug 10, 2015 |
| Wind River Security Alert for Wind River Linux several critical NTP vulnerabilities (CVE-2014-9293,CVE-2014-9294,CVE-2014-9295,CVE-2014-9296) | Wind River Security Alert for Wind River Linux several critical NTP vulnerabilities (CVE-2014-9293,CVE-2014-9294,CVE-2014-9295,CVE-2014-9296) | Wind River Linux 4, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Dec 22, 2014 | Dec 22, 2014 |
| Wind River Security Alert for Wind River Linux SSLv3 POODLE vulnerability (CVE-2014-3566 & CVE-2014-3568) | Wind River Security Alert for Wind River Linux SSLv3 POODLE vulnerability (CVE-2014-3566 & CVE-2014-3568) | Wind River Linux 4, Linux 3, Wind River Linux 6, Wind River Linux 5 | Recommended | Oct 15, 2014 | Oct 23, 2014 |
| Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x (CVE-2014-6271 & CVE-2014-7169 & CVE-2014-7186 & CVE-2014-7187 & CVE-2014-6277 & CVE-2014-6278 ) | Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x (CVE-2014-6271 & CVE-2014-7169 & CVE-2014-7186 & CVE-2014-7187 & CVE-2014-6277 & CVE-2014-6278) | Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Sep 24, 2014 | Nov 20, 2014 |
| Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x | Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x | Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Aug 18, 2014 | Aug 18, 2014 |
| Wind River Security Alert for Wind River Linux 3.x/4.x/5.0.1.x/6.0.0.x | Wind River Security Alert for Wind River Linux 3.x/4.x/5.0.1.x/6.0.0.x | Wind River Linux 4, Linux 3, Wind River Linux 6, Wind River Linux 5 | Recommended | Apr 8, 2014 | Apr 14, 2014 |
| Wind River Linux Mid-Sep 2013 Security Bulletin | Wind River Linux Mid-Sep 2013 Security Bulletin | Linux Platforms 2.0 | Recommended | Mar 5, 2012 | Sep 16, 2013 |
| Wind River Linux Mid-Januray 2019 Security Bulletin | Wind River Linux Mid-January 2019 Security Bulletin | Wind River Linux 7, Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 | Recommended | -- | Jan 16, 2019 |
| Wind River Linux Mid-February 2019 Security Bulletin | Wind River Linux Mid-Februray 2019 Security Bulletin | Wind River Linux 7, Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 | Recommended | -- | Feb 19, 2019 |
| Wind River Linux Security Alert for hostap(hostapd and wpa_supplicant) | several WPA3 design issues and implementation vulnerabilities in hostapd and wpa_supplicant been find and effect on all our supporting release(CVE-2019-9494, CVE-2019-9495, CVE-2019-9496, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499). | Wind River Linux 7, Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 | Recommended | -- | Apr 24, 2019 |
| Wind River Linux Mid-April 2019 Security Bulletin | Wind River Linux Mid-April 2019 Security Bulletin | Wind River Linux 7, Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 | Recommended | -- | Apr 23, 2019 |
| Wind River Security Vulnerability Notice: Microarchitectural Data Sampling (CVE-2018-12126 , CVE-2018-12127, CVE-2018-12130, CVE-2019-11091) | Wind River Security Vulnerability Notice: Microarchitectural Data Sampling (CVE-2018-12126 , CVE-2018-12127,CVE-2018-12130,CVE-2019-11091) for Wind River Linux | Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 | Recommended | -- | Jun 30, 2019 |
| Wind River Security Vulnerability Notice: TCP SACK PANIC (CVE-2019-11477 CVE-2019-11478 CVE-2019-11479) | Wind River Security Vulnerability Notice: TCP SACK PANIC (CVE-2019-11477 CVE-2019-11478 CVE-2019-11479) for Wind River Linux | Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 | Recommended | -- | Aug 9, 2019 |
| Wind River Security Vulnerability Notice: several CVEs released by Intel Product Security Center in November 12, 2019 | Wind River Security Vulnerability Notice: several CVEs on Intel products may effect on Wind River Linux | Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 | Recommended | -- | Dec 11, 2019 |
| Wind River Security Vulnerability Notice: Special Register Buffer Data Sampling Advisory (CVE-2020-0543) | Wind River Security Vulnerability Notice: Special Register Buffer Data Sampling Advisory (CVE-2020-0543) for Wind River Linux | Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19 | Recommended | -- | Jun 11, 2020 |
| Wind River Security Vulnerability Notice: Straight-Line Speculation (CVE-2020-13844) | Wind River Security Vulnerability Notice: Straight-Line Speculation (CVE-2020-13844) for Wind River Linux | Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19 | Recommended | -- | Jun 16, 2020 |
| Wind River Security Vulnerability Notice: openssl EDIPARTYNAME NULL pointer de-reference, CVE-2020-1971 | Wind River Security Vulnerability Notice: CVE-2020-1971 of openssl may effect on Wind River Linux | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Recommended | -- | Dec 8, 2020 |
| Wind River Security Vulnerability Notice: Heap-based buffer overflow in Sudo, CVE-2021-3156 | Wind River Security Vulnerability Notice: CVE-2021-3156 of sudo may effect on Wind River Linux | Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Recommended | -- | Jan 26, 2021 |
| Wind River Security Vulnerability Notice: Multiple vulnerabilities on dnsmasq | Wind River Security Vulnerability Notice: Multiple vulnerabilities on dnsmasq | Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Recommended | -- | Jan 19, 2021 |
| Wind River Security Vulnerability Notice: CVE-2021-33909 and CVE-2021-33910 | Wind River Security Vulnerability Notice: CVE-2021-33909 and CVE-2021-33910 of linux kernel and systemd | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD, Wind River Linux LTS 21 | Recommended | -- | Jul 20, 2021 |
| Wind River Security Vulnerability Notice: CVE-2021-3711 | Wind River Security Vulnerability Notice:CVE-2021-3711 of openssl | Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD, Wind River Linux LTS 21 | Recommended | -- | Aug 24, 2021 |
