Wind River Support Network

HomeDefectsLIN1022-6611
Fixed

LIN1022-6611 : Security Advisory - rack - CVE-2024-26141

Created: Feb 22, 2024    Updated: Jul 27, 2025
Resolved Date: Jul 27, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will use the `Rack::File` middleware or the `Rack::Utils.byte_ranges` methods (this includes Rails applications). The vulnerability is fixed in 3.0.9.1 and 2.2.8.1.

https://nvd.nist.gov/vuln/detail/CVE-2024-26141
  • Linkedin
  • Facebook
  • Twitter
  • Youtube