Wind River Support Network

HomeDefectsLIN7-6763
Fixed

LIN7-6763 : Security Advisory - openssl - CVE-2016-6302

Created: Sep 1, 2016    Updated: Sep 8, 2018
Resolved Date: Sep 7, 2016
Found In Version: 7.0
Fix Version: 7.0.0.20
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

It was found that if a ticket callback changes the HMAC digest to SHA512 the existing sanity checks are not sufficient and an attacker could perform a DoS attack with a malformed ticket.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302 

Security Notices


Other Downloads


CVEs


Live chat
Online