Wind River Support Network

HomeDefectsLIN6-8863

Fixed

LIN6-8863 : Security Advisory - rsyslog - CVE-2014-3683

Created: Dec 1, 2014 Updated: Dec 3, 2018

Resolved Date: Dec 21, 2014

Found In Version: 6.0.0.15

Fix Version: 6.0.0.16

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3683

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38