Wind River Support Network

HomeDefectsLIN5-21920
Fixed

LIN5-21920 : Security Advisory - openssl - CVE-2016-2183

Created: Sep 1, 2016    Updated: May 29, 2018
Resolved Date: Sep 7, 2016
Found In Version: 5.0.1.36
Fix Version: 5.0.1.38
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

Ciphers with 64-bit block sizes used in CBC mode were found to be vulnerable to birthday attack when key renegotiation doesn't happen frequently or at all in long running connections. 3DES cipher as used in TLS protocol is vulnerable to this attack, that allows remote attacker to recover partial plaintext information (XOR of two plaintext blocks).

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183

Security Notices


Other Downloads


Live chat
Online