Wind River Support Network

HomeDefectsLIN7-11564
Fixed

LIN7-11564 : Security Advisory - file - CVE-2019-18218

Created: Oct 22, 2019    Updated: Dec 3, 2019
Resolved Date: Nov 14, 2019
Found In Version: 7.0.0.1
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube