Wind River Support Network

HomeDefectsLIN6-9494

Fixed

LIN6-9494 : Security Advisory - glibc - CVE-2013-7423

Created: Feb 25, 2015 Updated: Dec 3, 2018

Resolved Date: May 8, 2015

Found In Version: 6.0.0.18

Fix Version: 6.0.0.20

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Toolchain

Description

The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of request that trigger a call to the getaddrinfo function.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7423

Other Downloads

binary-toolchain-4.8-44
binary-toolchain-4.8-45
binary-toolchain-4.8-47
Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38