Wind River Support Network

HomeDefectsLIN7-5554

Fixed

LIN7-5554 : Security Advisory - ntp - CVE-2015-8138

Created: Jan 27, 2016 Updated: Sep 8, 2018

Resolved Date: Mar 25, 2016

Previous ID: SCP7-285

Found In Version: 7.0.0.12

Fix Version: 7.0.0.14

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The TEST2 check of the originate timestamp in received packets, which requires the timestamp to match the value of the peer->aorg variable and which is supposed to be random to prevent spoofing attacks has been found to be faulty.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8138

Other Downloads

Wind River Linux 7.0.0.14
Wind River Linux 7.0.0.15
Wind River Linux 7.0.0.16
Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2015-8138