Wind River Support Network

HomeDefectsLIN6-12961
Fixed

LIN6-12961 : the customer needs patches for CVE-2014-4043 in Wrlinux6

Created: May 4, 2017    Updated: Apr 6, 2020
Resolved Date: Jun 19, 2017
Found In Version: 6.0.0.32
Fix Version: 6.0.0.34
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Toolchain

Description

This is the description of CVE-2014-4043:
https://nvd.nist.gov/vuln/detail/CVE-2014-4043

CVE-2014-4043 affects glibc before 2.20, while the version of glibc in wrlinux6 is 2.18,  so wrlinux6 maybe affected.

Workaround

Apply the attached patch for CVE-2014-4043  and patch from LIN6-11114 to glibc,

configure --with-template=feature/build_libc

make -C build eglibc-sourcery-compile.patch

cd build/eglibc-sourcery-compile/glibc-2.18-4.8/

patch -p2 < attached.patch

Other Downloads

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube