Wind River Support Network

HomeDefectsLIN7-5789

Fixed

LIN7-5789 : Security Advisory - linux - CVE-2016-0821

Created: Mar 14, 2016 Updated: Sep 8, 2018

Resolved Date: Jul 24, 2016

Found In Version: 7.0.0.13

Fix Version: 7.0.0.18

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Kernel

Description

The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection mechanism by triggering the use of an uninitialized list entry, aka Android internal bug 26186802, a different vulnerability than CVE-2015-3636.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0821

Other Downloads

Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-0821