Wind River Support Network

HomeDefectsLIN6-9380

Fixed

LIN6-9380 : Security Advisory - dpkg - CVE-2014-8625

Created: Feb 1, 2015 Updated: Dec 3, 2018

Resolved Date: Jun 23, 2015

Found In Version: 6.0

Fix Version: 6.0.0.22

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture name.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8625

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38