All customers except US A&D: to ensure that you can access all of your product downloads, you must log in to the Wind River Delivers portal and visit the My Products page to force an initial sync of your product entitlement. Only after you’ve completed this step will you be able to access and download product content through the Artifacts, Registry, and Git interfaces. This also applies to users attempting to run the Wind River installer in maintenance or update mode or Linux installation updates at the command line.

Wind River Support Network

Meet the Support Network

Home CVE Database CVE-2019-12261



Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.

Priority: HIGH
CVSS v3: 9.8
Publish Date: Aug 9, 2019
Related ID: --
Modified Date: Aug 19, 2019

Find out more about CVE-2019-12261 from the MITRE-CVE dictionary and NIST NVD

Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads


It doesn\'t impact WRLinux

Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see and for more information.
Live chat