Wind River Support Network

HomeDefectsLIN6-6734

Fixed

LIN6-6734 : Security Advisory - libyaml - CVE-2013-6393

Created: Feb 16, 2014 Updated: Dec 3, 2018

Resolved Date: Apr 9, 2014

Previous ID: LIN5-18104

Found In Version: 6.0.0.6

Fix Version: 6.0.0.6

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6393

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38