Wind River Support Network

HomeDefectsLIN10-3198
Fixed

LIN10-3198 : Security Advisory - dhcp - CVE-2017-3144

Created: Jan 30, 2018    Updated: Feb 12, 2019
Resolved Date: Feb 6, 2018
Found In Version: 10.17.41.1
Fix Version: 10.17.41.4
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

It was found that omapi code doesn't free socket descriptor if empty message was sent by client, which allows malicious client to use up all available descriptors causing Denial of Service

https://nvd.nist.gov/vuln/detail/CVE-2017-3144  

Other Downloads


CVEs


Live chat
Online