Wind River Support Network


LIN5-19251 : Security Advisory - openssl - CVE-2014-3512

Created: Aug 14, 2014    Updated: Dec 19, 2017
Resolved Date: Aug 14, 2014
Previous ID: LIN4-31673
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace


A SRP buffer overrun was found. A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected. (original advisory). Reported by Sean Devlin and Watson Ladd (Cryptography Services, NCC Group).

Fixed in OpenSSL 1.0.1i (Affected 1.0.1h, 1.0.1g, 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1) 

Other Downloads

Live chat