Wind River Support Network

HomeDefectsLIN8-8115

Fixed

LIN8-8115 : Security Advisory - linux - CVE-2017-15537

Created: Oct 29, 2017 Updated: Dec 3, 2018

Resolved Date: Nov 10, 2017

Found In Version: 8.0.0.22

Fix Version: 8.0.0.23

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Kernel

Description

The x86/fpu (Floating Point Unit) subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace() or rt_sigreturn() system call, allowing local users to read the FPU registers of other processes on the system, related to arch/x86/kernel/fpu/regset.c and arch/x86/kernel/fpu/signal.c.

https://nvd.nist.gov/vuln/detail/CVE-2017-15537

Other Downloads

Wind River Linux 8.0.0.23
Wind River Linux 8.0.0.24
Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-15537