Wind River Support Network

HomeDefectsLIN1021-480
Fixed

LIN1021-480 : Security Advisory - apache2 - CVE-2020-35452

Created: Jun 3, 2021    Updated: Jul 14, 2021
Resolved Date: Jul 14, 2021
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow

https://nvd.nist.gov/vuln/detail/CVE-2020-35452

CVEs


Live chat
Online