Wind River Support Network

HomeDefectsLIN7-6781

Fixed

LIN7-6781 : Security Advisory - cracklib - CVE-2016-6318

Created: Sep 11, 2016 Updated: Sep 8, 2018

Resolved Date: Oct 17, 2016

Found In Version: 7.0.0.19

Fix Version: 7.0.0.21

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6318

Other Downloads

Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-6318