Scheduled maintenance: Some features related to account registration and licensing may be temporarily unavailable from Friday (June 5, 2026) at 1 PM to 6 PM (PST).

Wind River Support Network

HomeDefectsLIN8-4620

Fixed

LIN8-4620 : Security Advisory - openssl - CVE-2016-6302

Created: Sep 1, 2016 Updated: Dec 3, 2018

Resolved Date: Sep 11, 2016

Found In Version: 8.0

Fix Version: 8.0.0.10

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

It was found that if a ticket callback changes the HMAC digest to SHA512 the existing sanity checks are not sufficient and an attacker could perform a DoS attack with a malformed ticket.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6302

Security Notices

Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016

Other Downloads

CVEs

CVE-2016-6302