Wind River Support Network

HomeDefectsLIN9-5186
Fixed

LIN9-5186 : Security Advisory - openssl - CVE-2017-3735

Created: Sep 6, 2017    Updated: May 29, 2018
Resolved Date: Sep 13, 2017
Previous ID: LIN5-23567
Found In Version: 9.0.0.9
Fix Version: 9.0.0.11
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL since then.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3735

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube