Wind River Support Network

HomeSafety and Security Notices

These vulnerabilities may occur in Wind River–developed products or in execution environments in which Wind River products operate. Wind River is committed to active threat monitoring, rapid assessment and threat prioritization, proactive customer notification, and timely remediation.

Reset
Showing
of 34 entries
NoticeSummaryProductsRequirementRelease DateLast Modify Date
Wind River Security Alert for Wind River Linux 3.x/4.x/5.0.1.x/6.0.0.x Wind River Security Alert for Wind River Linux 3.x/4.x/5.0.1.x/6.0.0.x Wind River Linux 5 Recommended Apr 8, 2014 Apr 14, 2014
Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x Wind River Linux 5 Recommended Aug 18, 2014 Aug 18, 2014
Wind River Security Alert for Wind River Linux SSLv3 POODLE vulnerability (CVE­-2014­-3566 & CVE-2014-3568) Wind River Security Alert for Wind River Linux SSLv3 POODLE vulnerability (CVE­-2014­-3566 & CVE-2014-3568) Wind River Linux 5 Recommended Oct 15, 2014 Oct 23, 2014
Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x (CVE-2014-6271 & CVE-2014-7169 & CVE-2014-7186 & CVE-2014-7187 & CVE-2014-6277 & CVE-2014-6278 ) Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x (CVE-2014-6271 & CVE-2014-7169 & CVE-2014-7186 & CVE-2014-7187 & CVE-2014-6277 & CVE-2014-6278) Wind River Linux 5 Recommended Sep 24, 2014 Nov 20, 2014
Wind River Security Alert for Wind River Linux several critical NTP vulnerabilities (CVE­-2014­-9293,CVE-2014-9294,CVE-2014-9295,CVE-2014-9296) Wind River Security Alert for Wind River Linux several critical NTP vulnerabilities (CVE­-2014­-9293,CVE-2014-9294,CVE-2014-9295,CVE-2014-9296) Wind River Linux 5 Recommended Dec 22, 2014 Dec 22, 2014
Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298) Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298) Wind River Linux 5 Recommended Feb 5, 2015 Feb 5, 2015
Wind River Security Alert for Logjam Attack Wind River Security Alert for Logjam Attack Wind River Linux 5 Recommended May 27, 2015 May 29, 2015
The leap second handling in WRLinux (update 07/22/2015) The leap second handling in WRLinux Wind River Linux 5 Recommended Feb 9, 2015 Jul 22, 2015
Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235) Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235) Wind River Linux 5 Recommended Jan 29, 2015 Aug 10, 2015
Wind River Security Alert for 2 openssh vulnerabilities (CVE-2016-0777 and CVE-2016-0778) Wind River Security Alert for 2 openssh vulnerabilities (CVE-2016-0777 and CVE-2016-0778) Wind River Linux 5 Recommended Jan 15, 2016 Jan 15, 2016
Wind River Security Alert for CVE-2016-0728 Wind River Security Alert for CVE-2016-0728 Wind River Linux 5 Recommended Jan 21, 2016 Jan 25, 2016
Wind River Linux 8.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 Wind River Linux 8.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 Wind River Linux 5 Recommended Feb 19, 2016 Feb 21, 2016
Wind River Linux 5.0.1 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 Wind River Linux 5.0.1 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 Wind River Linux 5 Recommended Feb 21, 2016 Feb 21, 2016
Wind River Linux Security Alert for several openssl security issues There are eight new reported and fixed CVE issues in OpenSSL to be released on 20160301. They are: CVE-2016-0800, CVE-2016-0705, CVE-2016-0798, CVE-2016-0797, CVE-2016-0799, CVE-2016-0702, CVE-2016-0703, CVE-2016-0704. Wind River Linux 5 Recommended Mar 1, 2016 Mar 2, 2016
Wind River Linux Security Alert for 6 openssl security issues (CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176) Wind River Linux Security Alert for 6 openssl security issues (CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176) Wind River Linux 5 Recommended May 3, 2016 May 3, 2016
Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016 Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016 Wind River Linux 5 Recommended Sep 25, 2016 Sep 28, 2016
Security Advisory - CVE-2016-5195 for linux kernel Security Advisory - CVE-2016-5195 for linux kernel Wind River Linux 5 Recommended Oct 24, 2016 Oct 24, 2016
New leap second 2016-12-31 23:59:60 UTC handling in WRLinux The leap second handling in WRLinux Wind River Linux 5 Recommended Nov 17, 2016 Nov 27, 2016
Wind River Security Vulnerability Notice: Stack-heap overflow Vulnerabilities - CVE-2017-1000364, CVE-2017-1000365, CVE-2017-1000366 Wind River Security Vulnerability Notice: Stack-heap overflow Vulnerabilities - CVE-2017-1000364, CVE-2017-1000365, CVE-2017-1000366 Wind River Linux 5 Recommended Jun 19, 2017 Jul 31, 2017
Wind River Security Vulnerability Note: DNSMasq Multiple Vulnerabilities - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704 Wind River Security Vulnerability Note: DNSMasq Multiple Vulnerabilities - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704 Wind River Linux 5 Recommended Oct 6, 2017 Oct 6, 2017
Wind River Linux Security Alert for ‘WPA security bug’ (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) WPA packet number reuse with replayed messages and key reinstallation. Effect on all our supporting release. Wind River Linux 5 Recommended Oct 16, 2017 Nov 3, 2017
Updated Intel Microcode 20180108 Wind River Update Notice: Updated Intel Microcode 20180108 Wind River Linux 5 Obsolete Jan 11, 2018 Mar 16, 2018
Wind River Linux End-November 2018 Security Bulletin Wind River Linux End-November 2018 Security Bulletin Wind River Linux 5 Recommended Nov 28, 2018 Nov 28, 2018
Wind River Linux Mid-December 2018 Security Bulletin Wind River Linux Mid-December 2018 Security Bulletin Wind River Linux 5 Recommended Nov 28, 2018 Dec 22, 2018
Wind River Linux End-December 2018 Security Bulletin Wind River Linux End-December 2018 Security Bulletin Wind River Linux 5 Recommended Nov 28, 2018 Jan 3, 2019
Wind River Security Vulnerability Notice: Meltdown and Spectre Side-Channel Attacks - (CVE-2017-5754, CVE-2017-5753 and CVE-2017-5715) for Wind River Linux and Pulsar Wind River Security Vulnerability Notice: Meltdown and Spectre Side-Channel Attacks - (CVE-2017-5754, CVE-2017-5753 and CVE-2017-5715) for Wind River Linux and Pulsar Wind River Linux 5 Recommended Jan 3, 2018 Mar 4, 2019
Wind River Security Vulnerability Notice: Microarchitectural Data Sampling (CVE-2018-12126 , CVE-2018-12127, CVE-2018-12130, CVE-2019-11091) Wind River Security Vulnerability Notice: Microarchitectural Data Sampling (CVE-2018-12126 , CVE-2018-12127,CVE-2018-12130,CVE-2019-11091) for Wind River Linux Wind River Linux 5 Recommended -- Jun 30, 2019
Wind River Security Vulnerability Notice: TCP SACK PANIC (CVE-2019-11477 CVE-2019-11478 CVE-2019-11479) Wind River Security Vulnerability Notice: TCP SACK PANIC (CVE-2019-11477 CVE-2019-11478 CVE-2019-11479) for Wind River Linux Wind River Linux 5 Recommended -- Aug 9, 2019
Wind River Security Vulnerability Notice: several CVEs released by Intel Product Security Center in November 12, 2019 Wind River Security Vulnerability Notice: several CVEs on Intel products may effect on Wind River Linux Wind River Linux 5 Recommended -- Dec 11, 2019
Wind River Security Vulnerability Notice: Special Register Buffer Data Sampling Advisory (CVE-2020-0543) Wind River Security Vulnerability Notice: Special Register Buffer Data Sampling Advisory (CVE-2020-0543) for Wind River Linux Wind River Linux 5 Recommended -- Jun 11, 2020
Wind River Security Vulnerability Notice: Straight-Line Speculation (CVE-2020-13844) Wind River Security Vulnerability Notice: Straight-Line Speculation (CVE-2020-13844) for Wind River Linux Wind River Linux 5 Recommended -- Jun 16, 2020
Wind River Security Vulnerability Notice: CVE-2021-44228, CVE-2021-4104, CVE-2021-45046, CVE-2021-45105, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307 Wind River Linux is not affected by CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2022-23302, CVE-2022-23305 or CVE-2022-23307. WRLinux 8 and earlier release is not affected by CVE-2021-4104 provided the JMSAppender component has not been manually activated. Wind River Linux 5 Recommended Dec 13, 2021 Jan 19, 2022
Wind River Security Vulnerability Notice: CVE-2022-23960 Spectre-BHB vulnerability on ARM CPU Researchers disclosed a new cache speculation vulnerability known as Spectre-BHB. A serials of ARM cpus are affected on it. Wind River Linux 5 Recommended Mar 9, 2022 Mar 8, 2022
Wind River Security Vulnerability Notice: CVE-2022-0001 Spectre-BHI and CVE-2022-0002 Spectre-IMBTI vulnerability on Intel CPU Researchers disclosed two new cache speculation vulnerability known as Branch History Injection (BHI) and Intra-mode BTI (IMBTI). A serials of Intel cpus are affected on it. Wind River Linux 5 Recommended Mar 9, 2022 Mar 13, 2022
Live chat
Online