Wind River Support Network

HomeDefectsLIN6-10438

Fixed

LIN6-10438 : Security Advisory - ntp - CVE-2015-7853

Created: Oct 21, 2015 Updated: Dec 3, 2018

Resolved Date: Oct 27, 2015

Previous ID: LIN4-33057

Found In Version: 6.0.0.25

Fix Version: 6.0.0.26

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

A potential buffer overflow vulnerability exists in the refclock of ntpd. An invalid length provided by a hardware reference clock could cause a buffer overflow potentially resulting in memory being modified. A malicious reflock could provide a negative length to trigger this vulnerability.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38