Wind River Support Network

HomeDefectsLIN6-11276
Fixed

LIN6-11276 : Security Advisory - busybox - CVE-2016-2148

Created: May 19, 2016    Updated: Dec 3, 2018
Resolved Date: Aug 2, 2016
Found In Version: 6.0
Fix Version: 6.0.0.31
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

A heap based buffer overflow was discovered in udhcpc when parsing IPv6 Rapid Deployment DHCP option. An attacker could send a maliciously crafted packet as an answer to a DHCP request, to overwrite the heap, resulting in crash or remote code execution.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2148

Other Downloads


Live chat
Online