Wind River Support Network

HomeOther DownloadsWind River Linux 4.3 Toolchain Binary Patch: Multithreaded stack address is near the canary’s address
Recommended Type: Binary Patch

Wind River Linux 4.3 Toolchain Binary Patch: Multithreaded stack address is near the canary’s address

Released: May 17, 2018     Updated: May 18, 2018

Description

The security problem is found by Huawei. There's no CVE number yet.

This is the summary of the issue. Please refer to the attached PDF file for details:

  1. Summary of Issue

The stack canary comparison value for a thread on the PowerPC architecture

can be overwritten by any pthread that is created due to the way the pthread

stack allocations are performed.

Product Version

Wind River Linux 4

Downloads

Installation Notes

** It includes 3 files:

  • wrs-linux-4.4a-476-powerpc-wrs-linux-gnu.src.tar.bz2 Source code after the patch
  • wrs-linux-4.4a-476-powerpc-wrs-linux-gnu-i686-mingw32.tar.bz2 Compiler for use under Windows
  • wrs-linux-4.4a-476-powerpc-wrs-linux-gnu-i686-pc-linux-gnu.tar.bz2 Cos for linux

Installation Instructions: Extract the archive and replace corresponding directory under wrlinux-4/layers/wrll-toolchain-4.4a-341

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube