Wind River Support Network

HomeDefectsLIN7-6944

Fixed

LIN7-6944 : Security Advisory - linux - CVE-2016-7425

Created: Oct 25, 2016 Updated: Sep 8, 2018

Resolved Date: Nov 15, 2016

Found In Version: 7.0.0.20

Fix Version: 7.0.0.22

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Kernel

Description

The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.

Other Downloads

Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-7425