Wind River Support Network

HomeDefectsLIN6-11412

Fixed

LIN6-11412 : Security Advisory - dosfstools - CVE-2016-4804

Created: Jun 13, 2016 Updated: Dec 3, 2018

Resolved Date: Jul 12, 2016

Found In Version: 6.0.0.29

Fix Version: 6.0.0.31

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The read_boot function in boot.c in dosfstools before 4.0 allows attackers to cause a denial of service (crash) via a crafted filesystem, which triggers a heap-based buffer overflow in the (1) read_fat function or an out-of-bounds heap read in (2) get_fat function.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4804

Other Downloads

Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38