Wind River Support Network

HomeDefectsLIN7-2580

Fixed

LIN7-2580 : Security Advisory - rpm - CVE-2014-8118

Created: Dec 30, 2014 Updated: Sep 8, 2018

Resolved Date: Aug 3, 2015

Found In Version: 7.0.0.7

Fix Version: 7.0.0.9

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8118

Other Downloads

Wind River Linux 7.0.0.14
Wind River Linux 7.0.0.15
Wind River Linux 7.0.0.16
Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2014-8118