Wind River Support Network

HomeDefectsLIN10-4181

Fixed

LIN10-4181 : Security Advisory - ntp - CVE-2018-12327

Created: Jun 29, 2018 Updated: Dec 3, 2018

Resolved Date: Aug 24, 2018

Found In Version: 10.17.41.1

Fix Version: 10.17.41.11

Severity: Standard

Applicable for: Wind River Linux LTS 17

Component/s: Userspace

Description

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.

https://nvd.nist.gov/vuln/detail/CVE-2018-12327

Other Downloads

Wind River Linux LTS 10.17.41.11
Wind River Linux LTS 10.17.41.12
Wind River Linux LTS 10.17.41.13
Wind River Linux LTS 10.17.41.14
Wind River Linux LTS 10.17.41.15
Wind River Linux LTS 10.17.41.16
Wind River Linux LTS 10.17.41.17
Wind River Linux LTS 10.17.41.18
Wind River Linux LTS 10.17.41.20
Wind River Linux LTS 10.17.41.21
Wind River Linux LTS 10.17.41.22
Wind River Linux LTS 10.17.41.23
Wind River Linux LTS 10.17.41.24
Wind River Linux LTS 10.17.41.25
Wind River Linux LTS 10.17.41.26
Wind River Linux LTS 10.17.41.27

CVEs

CVE-2018-12327