All customers except US A&D: to ensure that you can access all of your product downloads, you must log in to the Wind River Delivers portal https://delivers.windriver.com and visit the My Products page to force an initial sync of your product entitlement. Only after you’ve completed this step will you be able to access and download product content through the Artifacts, Registry, and Git interfaces. This also applies to users attempting to run the Wind River installer in maintenance or update mode or Linux installation updates at the command line.

Wind River Support Network

HomeDefectsLIN6-10750
Fixed

LIN6-10750 : Security Advisory - linux - CVE-2016-0728

Created: Jan 20, 2016    Updated: Dec 3, 2018
Resolved Date: Jan 26, 2016
Found In Version: 6.0.0.27
Fix Version: 6.0.0.28
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Kernel

Description

http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728 says:

Perception Point Research team has identified a 0-day local privilege escalation vulnerability in the Linux kernel. While the vulnerability has existed since 2012, our team discovered the vulnerability only recently, disclosed the details to the Kernel security team, and later developed a proof-of-concept exploit. As of the date of disclosure, this vulnerability has implications for approximately tens of millions of Linux PCs and servers, and 66 percent of all Android devices (phones/tablets). While neither us nor the Kernel security team have observed any exploit targeting this vulnerability in the wild, we recommend that security teams examine potentially affected devices and implement patches as soon as possible.

It says kernel 3.8 and later is vulnerable, and we’re at 3.10.

https://anonscm.debian.org/cgit/kernel/linux.git/commit/?h=jessie-security&id=0ac8c3e88cf1ea329ede357f2a01a9b1a8734e24

Security Notices


Other Downloads


Live chat
Online