Wind River Support Network

HomeDefectsLIN9-9149
Fixed

LIN9-9149 : Security Advisory - openconnect - CVE-2019-16239

Created: Oct 8, 2019    Updated: Jun 3, 2020
Resolved Date: Jun 3, 2020
Found In Version: 9.0.0.1
Fix Version: 9.0.0.25
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.

CREATE(Triage):(User=admin) [CVE-2019-16239|https://nvd.nist.gov/vuln/detail/CVE-2019-16239]

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube