Wind River Support Network

HomeDefectsLIN5-21534
Fixed

LIN5-21534 : Security Advisory - busybox - CVE-2016-2148

Created: May 19, 2016    Updated: May 29, 2018
Resolved Date: Aug 2, 2016
Found In Version: 5.0.1.35
Fix Version: 5.0.1.37
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

A heap based buffer overflow was discovered in udhcpc when parsing IPv6 Rapid Deployment DHCP option. An attacker could send a maliciously crafted packet as an answer to a DHCP request, to overwrite the heap, resulting in crash or remote code execution.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2148

Other Downloads


Live chat
Online