Wind River Support Network

HomeDefectsLIN7-7184

Fixed

LIN7-7184 : Security Advisory - wolfssl - CVE-2016-7440

Created: Dec 15, 2016 Updated: Sep 8, 2018

Resolved Date: Mar 21, 2017

Found In Version: 7.0.0.21

Fix Version: 7.0.0.24

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7440

Other Downloads

Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-7440