Wind River Support Network

HomeDefectsLIN6-6580
Fixed

LIN6-6580 : Security Advisory - openssl - CVE-2013-6450

Created: Jan 15, 2014    Updated: Dec 3, 2018
Resolved Date: Jan 17, 2014
Found In Version: 6.0.0.3
Fix Version: 6.0.0.3
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6450

Other Downloads


Live chat
Online