These vulnerabilities may occur in Wind River–developed products or in execution environments in which Wind River products operate. Wind River is committed to active threat monitoring, rapid assessment and threat prioritization, proactive customer notification, and timely remediation.
Notice | Summary | Products | Requirement | Release Date | Last Modify Date |
---|---|---|---|---|---|
Updated Intel Microcode 20180108 | Wind River Update Notice: Updated Intel Microcode 20180108 | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Pulsar Linux 8, Wind River Linux LTS 17 | Obsolete | Jan 11, 2018 | Mar 16, 2018 |
Wind River Linux Security Bulletin 2020-06-09 | Wind River Linux Security Bulletin 2020-06-09 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Jun 9, 2020 | Jun 14, 2020 |
Wind River Linux Security Bulletin 2020-06-14 | Wind River Linux Security Bulletin 2020-06-14 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Jun 15, 2020 | Jun 22, 2020 |
Wind River Linux Security Bulletin 2020-06-22 | Wind River Linux Security Bulletin 2020-06-22 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Jun 22, 2020 | Jun 28, 2020 |
Wind River Linux Security Bulletin 2020-06-29 | Wind River Linux Security Bulletin 2020-06-29 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Jun 29, 2020 | Jul 6, 2020 |
Wind River Linux Security Bulletin 2020-07-07 | Wind River Linux Security Bulletin 2020-07-07 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Jul 7, 2020 | Jul 12, 2020 |
Wind River Linux Security Bulletin 2020-07-13 | Wind River Linux Security Bulletin 2020-07-13 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Jul 13, 2020 | Jul 19, 2020 |
Wind River Linux Security Bulletin 2020-07-20 | Wind River Linux Security Bulletin 2020-07-20 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Jul 20, 2020 | Jul 28, 2020 |
Wind River Linux Security Bulletin 2020-07-28 | Wind River Linux Security Bulletin 2020-07-28 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Jul 28, 2020 | Aug 2, 2020 |
Wind River Linux Security Bulletin 2020-08-03 | Wind River Linux Security Bulletin 2020-08-03 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Aug 3, 2020 | Aug 9, 2020 |
Wind River Linux Security Bulletin 2020-08-10 | Wind River Linux Security Bulletin 2020-08-10 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Aug 10, 2020 | Aug 16, 2020 |
Wind River Linux Security Bulletin 2020-08-17 | Wind River Linux Security Bulletin 2020-08-17 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Aug 17, 2020 | Aug 23, 2020 |
Wind River Linux Security Bulletin 2020-08-24 | Wind River Linux Security Bulletin 2020-08-24 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Aug 24, 2020 | Aug 30, 2020 |
Wind River Linux Security Bulletin 2020-08-31 | Wind River Linux Security Bulletin 2020-08-31 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Aug 31, 2020 | Sep 6, 2020 |
Wind River Linux Security Bulletin 2020-09-07 | Wind River Linux Security Bulletin 2020-09-07 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Sep 7, 2020 | Sep 13, 2020 |
Wind River Linux Security Bulletin 2020-09-14 | Wind River Linux Security Bulletin 2020-09-14 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Sep 14, 2020 | Sep 20, 2020 |
Wind River Linux Security Bulletin 2020-09-21 | Wind River Linux Security Bulletin 2020-09-21 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Sep 21, 2020 | Sep 26, 2020 |
Wind River Linux Security Bulletin 2020-09-27 | Wind River Linux Security Bulletin 2020-09-27 | Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD | Obsolete | Sep 27, 2020 | Oct 11, 2020 |
Wind River Security Alert: Open SSL 3.0.X Critical Vulnerability | On October 26, 2022, Wind River® became aware of a new vulnerability in Open SSL versions 3.0.0 to 3.0.6. On November 1st, 2022, The Open SSL Group announced two High Vulnerabilities CVE-2022-3786 and CVE 2022-3602. The OpenSSL Project has released version 3.0.7, available on November 1st to remediate these vulnerabilities. These High vulnerabilities are likely to be exploitable; examples include significant disclosure of the contents of server memory (potentially revealing user details), vulnerabilities which can be easily exploited remotely to compromise server private keys, or where remote code execution is considered likely. | Products | Mandatory | Oct 27, 2022 | Nov 1, 2022 |
Wind River Linux Mid-Sep 2013 Security Bulletin | Wind River Linux Mid-Sep 2013 Security Bulletin | Linux Platforms 2.0 | Recommended | Mar 5, 2012 | Sep 16, 2013 |
Wind River Security Alert for Wind River Linux 3.x/4.x/5.0.1.x/6.0.0.x | Wind River Security Alert for Wind River Linux 3.x/4.x/5.0.1.x/6.0.0.x | Wind River Linux 4, Linux 3, Wind River Linux 6, Wind River Linux 5 | Recommended | Apr 8, 2014 | Apr 14, 2014 |
Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x | Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x | Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Aug 18, 2014 | Aug 18, 2014 |
Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x (CVE-2014-6271 & CVE-2014-7169 & CVE-2014-7186 & CVE-2014-7187 & CVE-2014-6277 & CVE-2014-6278 ) | Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x (CVE-2014-6271 & CVE-2014-7169 & CVE-2014-7186 & CVE-2014-7187 & CVE-2014-6277 & CVE-2014-6278) | Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Sep 24, 2014 | Nov 20, 2014 |
Wind River Security Alert for Wind River Linux SSLv3 POODLE vulnerability (CVE-2014-3566 & CVE-2014-3568) | Wind River Security Alert for Wind River Linux SSLv3 POODLE vulnerability (CVE-2014-3566 & CVE-2014-3568) | Wind River Linux 4, Linux 3, Wind River Linux 6, Wind River Linux 5 | Recommended | Oct 15, 2014 | Oct 23, 2014 |
Wind River Security Alert for Wind River Linux several critical NTP vulnerabilities (CVE-2014-9293,CVE-2014-9294,CVE-2014-9295,CVE-2014-9296) | Wind River Security Alert for Wind River Linux several critical NTP vulnerabilities (CVE-2014-9293,CVE-2014-9294,CVE-2014-9295,CVE-2014-9296) | Wind River Linux 4, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Dec 22, 2014 | Dec 22, 2014 |
Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235) | Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235) | Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Jan 29, 2015 | Aug 10, 2015 |
Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298) | Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298) | Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Feb 5, 2015 | Feb 5, 2015 |
The leap second handling in WRLinux (update 07/22/2015) | The leap second handling in WRLinux | Linux Platforms 2.0, Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 | Recommended | Feb 9, 2015 | Jul 22, 2015 |
Wind River Security Alert for Logjam Attack | Wind River Security Alert for Logjam Attack | Wind River Linux 4, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | May 27, 2015 | May 29, 2015 |
Wind River Security Alert for 2 openssh vulnerabilities (CVE-2016-0777 and CVE-2016-0778) | Wind River Security Alert for 2 openssh vulnerabilities (CVE-2016-0777 and CVE-2016-0778) | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Jan 15, 2016 | Jan 15, 2016 |
Wind River Security Alert for CVE-2016-0728 | Wind River Security Alert for CVE-2016-0728 | Wind River Linux 5 | Recommended | Jan 21, 2016 | Jan 25, 2016 |
Wind River Linux Security Alert for ‘openssl security bug’ (CVE-2016-0701 & CVE-2015-3197) | Two CVE issue on openssl. CVE-2015-3197 effect on all WRL5~8 while CVE-2016-0701 only effect on WRL8. | Wind River Linux 8 | Recommended | Jan 28, 2016 | Feb 1, 2016 |
Wind River Linux 8.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 8.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Feb 19, 2016 | Feb 21, 2016 |
Wind River Linux 5.0.1 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 5.0.1 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 5 | Recommended | Feb 21, 2016 | Feb 21, 2016 |
Wind River Linux 6.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 6.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 6 | Recommended | Feb 21, 2016 | Feb 21, 2016 |
Wind River Linux 7.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 7.0 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 7 | Recommended | Feb 21, 2016 | Feb 21, 2016 |
Wind River Linux 4.3 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 4.3 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547 | Wind River Linux 4 | Recommended | Feb 22, 2016 | Feb 22, 2016 |
Wind River Linux Security Alert for several openssl security issues | There are eight new reported and fixed CVE issues in OpenSSL to be released on 20160301. They are: CVE-2016-0800, CVE-2016-0705, CVE-2016-0798, CVE-2016-0797, CVE-2016-0799, CVE-2016-0702, CVE-2016-0703, CVE-2016-0704. | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Mar 1, 2016 | Mar 2, 2016 |
Wind River Linux Security Alert for 6 openssl security issues (CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176) | Wind River Linux Security Alert for 6 openssl security issues (CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176) | Wind River Linux 4, Wind River Linux 7, Wind River Linux 8, Wind River Linux 6, Wind River Linux 5 | Recommended | May 3, 2016 | May 3, 2016 |
Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016 | Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016 | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Sep 25, 2016 | Sep 28, 2016 |
New leap second 2016-12-31 23:59:60 UTC handling in WRLinux | The leap second handling in WRLinux | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Nov 17, 2016 | Nov 27, 2016 |
Security Advisory - CVE-2016-5195 for linux kernel | Security Advisory - CVE-2016-5195 for linux kernel | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 | Recommended | Oct 24, 2016 | Oct 24, 2016 |
Wind River Security Vulnerability Notice: Stack-heap overflow Vulnerabilities - CVE-2017-1000364, CVE-2017-1000365, CVE-2017-1000366 | Wind River Security Vulnerability Notice: Stack-heap overflow Vulnerabilities - CVE-2017-1000364, CVE-2017-1000365, CVE-2017-1000366 | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9 | Recommended | Jun 19, 2017 | Jul 31, 2017 |
Wind River Security Vulnerability Note: DNSMasq Multiple Vulnerabilities - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704 | Wind River Security Vulnerability Note: DNSMasq Multiple Vulnerabilities - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704 | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9 | Recommended | Oct 6, 2017 | Oct 6, 2017 |
Wind River Linux Security Alert for ‘WPA security bug’ (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) | WPA packet number reuse with replayed messages and key reinstallation. Effect on all our supporting release. | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9 | Recommended | Oct 16, 2017 | Nov 3, 2017 |
Wind River Pulsar Linux Security Alert for ‘WPA security bug’ (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) | WPA packet number reuse with replayed messages and key reinstallation. Effect on all our supporting release. | Pulsar Linux 8 | Recommended | Oct 16, 2017 | Oct 18, 2017 |
Wind River Security Vulnerability Notice: Meltdown and Spectre Side-Channel Attacks - (CVE-2017-5754, CVE-2017-5753 and CVE-2017-5715) for Wind River Linux and Pulsar | Wind River Security Vulnerability Notice: Meltdown and Spectre Side-Channel Attacks - (CVE-2017-5754, CVE-2017-5753 and CVE-2017-5715) for Wind River Linux and Pulsar | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Pulsar Linux 8, Wind River Linux LTS 17 | Recommended | Jan 3, 2018 | Mar 4, 2019 |
Updated Intel Microcode 20180312 | Wind River Update Notice: Updated Intel Microcode 20180312 | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 9, Pulsar Linux 8, Wind River Linux LTS 17 | Recommended | Mar 15, 2018 | Mar 21, 2018 |
Wind River Security Vulnerability Notice: CVE-2018-8897 for linux kernel | Wind River Security Vulnerability Notice: CVE-2018-8897 | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 9, Wind River Linux LTS 17 | Recommended | May 8, 2018 | May 8, 2018 |
Wind River Security Vulnerability Notice: CVE-2018-5407 - side-channel vulnerability on SMT/Hyper-Threading architectures (aka PortSmash) | Wind River Security Vulnerability Notice: CVE-2018-5407 - side-channel vulnerability on SMT/Hyper-Threading architectures (aka PortSmash) | Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 9, Wind River Linux LTS 17 | Recommended | Nov 7, 2018 | Nov 13, 2018 |