Wind River Support Network

HomeDefectsLIN5-17808
Fixed

LIN5-17808 : Security Advisory - openssl - CVE-2013-6450

Created: Jan 15, 2014    Updated: Dec 19, 2017
Resolved Date: Jan 16, 2014
Found In Version: 5.0.1.12
Fix Version: 5.0.1.12
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6450

Other Downloads


Live chat
Online