Wind River Support Network

HomeDefectsLIN6-10876

Fixed

LIN6-10876 : Security Advisory - linux - CVE-2015-8575

Created: Feb 13, 2016 Updated: Dec 3, 2018

Resolved Date: Apr 7, 2016

Found In Version: 6.0.0.27

Fix Version: 6.0.0.30

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Kernel

Description

The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8575

Other Downloads

Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38