Wind River Support Network

HomeDefectsLIN6-11432

Fixed

LIN6-11432 : Security Advisory - ntp - CVE-2016-1551

Created: Jun 13, 2016 Updated: Dec 3, 2018

Resolved Date: Jun 16, 2016

Found In Version: 6.0.0.29

Fix Version: 6.0.0.30

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

While the majority OSes implement martian packet filtering in their network stack, at least regarding 127.0.0.0/8, a rare few will allow packets claiming to be from 127.0.0.0/8 that arrive over physical network. On these OSes, if ntpd is configured to use a reference clock an attacker can inject packets over the network that look like they are coming from that reference clock.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1551

Other Downloads

Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38