Wind River Support Network

HomeDefectsLIN8-7348

Fixed

LIN8-7348 : Security Advisory - glibc - CVE-2017-12132

Created: Aug 11, 2017 Updated: Dec 3, 2018

Resolved Date: Oct 22, 2017

Found In Version: 8.0.0.20

Fix Version: 8.0.0.23

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Toolchain

Description

The DNS stub resolver in the GNU C Library (aka glibc or libc6) before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.

https://nvd.nist.gov/vuln/detail/CVE-2017-12132

Other Downloads

Wind River Linux 8.0.0.23
Wind River Linux 8.0.0.24
Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-12132