Wind River Support Network

HomeDefectsLIN6-10944
Fixed

LIN6-10944 : Security Advisory - libbsd - CVE-2016-2090

Created: Feb 24, 2016    Updated: Dec 3, 2018
Resolved Date: Mar 4, 2016
Found In Version: 6.0.0.28
Fix Version: 6.0.0.29
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

libbsd 0.8.1 and earlier contains a buffer overflow in the function fgetwln(). An if checks if it is necessary to reallocate memory in the target buffer. However this check is off by one, therefore an out of bounds write happens. (backtick) characters in a print job. 

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2090 

Other Downloads


Live chat
Online