It was found that omapi code doesn\'t free socket descriptor if empty message was sent by client, which allows malicious client to use up all available descriptors causing Denial of Service
Find out more about CVE-2017-3144 from the MITRE-CVE dictionary and NIST NVD
Login may be required to access defects or downloads.
| Product Name | Status | Defect | Fixed | Downloads |
|---|
dhcp
Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
