Wind River Support Network

HomeDefectsLIN7-10676
Fixed

LIN7-10676 : Security Advisory - linux - CVE-2019-7308

Created: Feb 14, 2019    Updated: Jun 12, 2019
Resolved Date: Apr 30, 2019
Found In Version: 7.0.0.30
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Kernel

Description

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.

https://nvd.nist.gov/vuln/detail/CVE-2019-7308

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube