Wind River Support Network

HomeDefectsSCP6-455

Fixed

SCP6-455 : Security Advisory - linux - CVE-2014-4608

Created: Jul 16, 2014 Updated: Dec 3, 2018

Resolved Date: Sep 4, 2014

Found In Version: 6.0.0.12

Fix Version: 6.0.0.12

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run.  NOTE: the author of the LZO algorithms says the Linux kernel is *not* affected; media hype.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4608

Wind River Support Network

SCP6-455 : Security Advisory - linux - CVE-2014-4608

Description

Other Downloads