Wind River Support Network

HomeDefectsLIN7-9544

Fixed

LIN7-9544 : Security Advisory - unzip - CVE-2018-1000035

Created: Feb 27, 2018 Updated: Oct 26, 2018

Resolved Date: Aug 28, 2018

Found In Version: 7.0.0.27

Fix Version: 7.0.0.29

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.

https://nvd.nist.gov/vuln/detail/CVE-2018-1000035

Other Downloads

Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2018-1000035