Wind River Support Network

HomeDefectsLIN8-6263

Fixed

LIN8-6263 : Security Advisory - elfutils - CVE-2016-10255

Created: Mar 28, 2017 Updated: Dec 3, 2018

Resolved Date: Apr 23, 2017

Found In Version: 8.0.0.15

Fix Version: 8.0.0.17

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10255

Other Downloads

Wind River Linux 8.0.0.17
Wind River Linux 8.0.0.18
Wind River Linux 8.0.0.19
Wind River Linux 8.0.0.20
Wind River Linux 8.0.0.21
Wind River Linux 8.0.0.22
Wind River Linux 8.0.0.23
Wind River Linux 8.0.0.24
Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2016-10255