Wind River Support Network

HomeDefectsLIN7-7343

Fixed

LIN7-7343 : Security Advisory - dropbear - CVE-2016-7407

Created: Jan 17, 2017 Updated: Sep 8, 2018

Resolved Date: Jan 18, 2017

Found In Version: 7.0

Fix Version: 7.0.0.23

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

dropbearconvert import of OpenSSH keys could run arbitrary code as the local dropbearconvert user when parsing malicious key files

CVE-2016-7407
https://secure.ucc.asn.au/hg/dropbear/rev/34e6127ef02e

Other Downloads

Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-7407