Wind River Support Network

HomeDefectsLIN8-2863
Fixed

LIN8-2863 : Security Advisory - libbsd - CVE-2016-2090

Created: Feb 24, 2016    Updated: Dec 3, 2018
Resolved Date: Feb 29, 2016
Found In Version: 8.0
Fix Version: 8.0.0.3
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

libbsd 0.8.1 and earlier contains a buffer overflow in the function fgetwln(). An if checks if it is necessary to reallocate memory in the target buffer. However this check is off by one, therefore an out of bounds write happens. (backtick) characters in a print job. 

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2090 

Other Downloads


CVEs


Live chat
Online