Fixed
Created: Apr 21, 2014
Updated: Mar 11, 2016
Resolved Date: Apr 22, 2014
Previous ID: LIN6-7172
Fix Version: 6.0.0.6.SP12
Severity: Critical
Applicable for: Wind River Linux 6
Component/s: Userspace
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160