Wind River Support Network

HomeDefectsLIN6-6591

Fixed

LIN6-6591 : Security Advisory - openssl - CVE-2013-6449

Created: Jan 15, 2014 Updated: Dec 3, 2018

Resolved Date: Jan 17, 2014

Previous ID: LIN5-17836

Found In Version: 6.0.0.3

Fix Version: 6.0.0.3

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38