Wind River Support Network

HomeDefectsLIN9-6288
Fixed

LIN9-6288 : Security Advisory - dhcp - CVE-2017-3144

Created: Jan 30, 2018    Updated: Feb 12, 2019
Resolved Date: Feb 6, 2018
Found In Version: 9.0.0.13
Fix Version: 9.0.0.15
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

It was found that omapi code doesn't free socket descriptor if empty message was sent by client, which allows malicious client to use up all available descriptors causing Denial of Service

https://nvd.nist.gov/vuln/detail/CVE-2017-3144  

Other Downloads


CVEs


Live chat
Online