Wind River Support Network

HomeDefectsLIN10-632
Not to be fixed

LIN10-632 : Security Advisory - gcc - CVE-2016-4973

Created: Jun 14, 2017    Updated: Oct 19, 2018
Resolved Date: Aug 28, 2018
Found In Version: 10.17.41.1
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Toolchain

Description

Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.

https://nvd.nist.gov/vuln/detail/CVE-2016-4973
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube