Wind River Support Network

HomeDefectsSCP7-415

Fixed

SCP7-415 : Security Advisory - linux - CVE-2016-3955

Created: Jun 29, 2016 Updated: Sep 8, 2018

Resolved Date: Jul 11, 2016

Found In Version: 7.0.0.5

Fix Version: 7.0.0.18

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Kernel

Description

Linux kernel built with the USB over IP(CONFIG_USBIP_*) support is vulnerable
to a buffer overflow issue. It could occur while receiving USB/IP packets, when
the size value in the packet is greater actual transfer buffer.

A user/process could use this flaw to crash the remote host via kernel
memory corruption or potentially execute arbitrary code.

Upstream patch:
---------------
  -> https://git.kernel.org/linus/b348d7dddb6c4fbfc810b7a0626e8ec9e29f7cbb

Reference:
----------
  -> http://www.openwall.com/lists/oss-security/2016/04/19/1

Other Downloads

Wind River Linux SCP 7.0.0.18
Wind River Linux SCP 7.0.0.19
Wind River Linux SCP 7.0.0.20
Wind River Linux SCP 7.0.0.21
Wind River Linux SCP 7.0.0.22
Wind River Linux SCP 7.0.0.23
Wind River Linux SCP 7.0.0.24
Wind River Linux SCP 7.0.0.25
Wind River Linux SCP 7.0.0.26
Wind River Linux SCP 7.0.0.27
Wind River Linux SCP 7.0.0.28
Wind River Linux SCP 7.0.0.29
Wind River Linux SCP 7.0.0.30
Wind River Linux SCP 7.0.0.31