Wind River Support Network


LIN1021-480 : Security Advisory - apache2 - CVE-2020-35452

Created: Jun 3, 2021    Updated: Jul 26, 2021
Resolved Date: Jul 14, 2021
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace


Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow


Live chat