Wind River Support Network

HomeSafety and Security Notices

These vulnerabilities may occur in Wind River–developed products or in execution environments in which Wind River products operate. Wind River is committed to active threat monitoring, rapid assessment and threat prioritization, proactive customer notification, and timely remediation.

Reset
Showing
of 327 entries
NoticeSummaryProductsRequirementRelease DateLast Modify Date
Wind River VxWorks 20210319 Security Alert for CVE-2020-35198 Possible buffer overflow conditions in cacheDmaMalloc()/cacheArchDmaMalloc()/mmap64(). Products Recommended Mar 19, 2021 Aug 31, 2021
Wind River Security Vulnerability Notice: TCP SACK PANIC (CVE-2019-11477 CVE-2019-11478 CVE-2019-11479) Wind River Security Vulnerability Notice: TCP SACK PANIC (CVE-2019-11477 CVE-2019-11478 CVE-2019-11479) for Wind River Linux Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 Recommended -- Aug 9, 2019
Wind River Security Vulnerability Notice: Straight-Line Speculation (CVE-2020-13844) Wind River Security Vulnerability Notice: Straight-Line Speculation (CVE-2020-13844) for Wind River Linux Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19 Recommended -- Jun 16, 2020
Wind River Security Vulnerability Notice: Special Register Buffer Data Sampling Advisory (CVE-2020-0543) Wind River Security Vulnerability Notice: Special Register Buffer Data Sampling Advisory (CVE-2020-0543) for Wind River Linux Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19 Recommended -- Jun 11, 2020
Wind River Security Vulnerability Notice: several CVEs released by Intel Product Security Center in November 12, 2019 Wind River Security Vulnerability Notice: several CVEs on Intel products may effect on Wind River Linux Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 Recommended -- Dec 11, 2019
Wind River Security Vulnerability Notice: openssl EDIPARTYNAME NULL pointer de-reference, CVE-2020-1971 Wind River Security Vulnerability Notice: CVE-2020-1971 of openssl may effect on Wind River Linux Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD Recommended -- Dec 8, 2020
Wind River Security Vulnerability Notice: Multiple vulnerabilities on dnsmasq Wind River Security Vulnerability Notice: Multiple vulnerabilities on dnsmasq Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD Recommended -- Jan 19, 2021
Wind River Security Vulnerability Notice: Microarchitectural Data Sampling (CVE-2018-12126 , CVE-2018-12127, CVE-2018-12130, CVE-2019-11091) Wind River Security Vulnerability Notice: Microarchitectural Data Sampling (CVE-2018-12126 , CVE-2018-12127,CVE-2018-12130,CVE-2019-11091) for Wind River Linux Wind River Linux 4, Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18 Recommended -- Jun 30, 2019
Wind River Security Vulnerability Notice: Meltdown and Spectre Side-Channel Attacks - (CVE-2017-5754, CVE-2017-5753 and CVE-2017-5715) for Wind River Linux and Pulsar Wind River Security Vulnerability Notice: Meltdown and Spectre Side-Channel Attacks - (CVE-2017-5754, CVE-2017-5753 and CVE-2017-5715) for Wind River Linux and Pulsar Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Pulsar Linux 8, Wind River Linux LTS 17 Recommended Jan 3, 2018 Mar 4, 2019
Wind River Security Vulnerability Notice: Hot fix of CVE-2023-45853 for Wind River Linux LTS22 RCPL0013 Wind River Security Vulnerability Notice: Hot fix of CVE-2023-45853 for Wind River Linux LTS22 RCPL0013 Wind River Linux LTS 22 Recommended Nov 15, 2023 Nov 15, 2023
Wind River Security Vulnerability Notice: Hot fix of 24 CVE issues for LTS23 GA release Wind River Security Vulnerability Notice: Hot fix of 24 CVE issues for LTS23 GA release Wind River Linux LTS 23 Recommended Feb 8, 2023 Aug 31, 2023
Wind River Security Vulnerability Notice: Heap-based buffer overflow in Sudo, CVE-2021-3156 Wind River Security Vulnerability Notice: CVE-2021-3156 of sudo may effect on Wind River Linux Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD Recommended -- Jan 26, 2021
Wind River Security Vulnerability Notice: CVE-2023-0286 Wind River Security Vulnerability Notice: CVE-2023-0286 of openssl Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD, Wind River Linux LTS 21, Wind River Linux Distro LTS 21, Wind River Linux LTS 22, Wind River Linux Distro LTS 22 Recommended Feb 8, 2023 Feb 7, 2023
Wind River Security Vulnerability Notice: CVE-2022-3602 CVE-2022-3786 Wind River Security Vulnerability Notice: CVE-2022-3602 and CVE-2022-3786 of openssl Wind River Linux CD, Wind River Linux LTS 22 Recommended Nov 1, 2022 Nov 18, 2022
Wind River Security Vulnerability Notice: CVE-2022-23960 Spectre-BHB vulnerability on ARM CPU Researchers disclosed a new cache speculation vulnerability known as Spectre-BHB. A serials of ARM cpus are affected on it. Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD, Wind River Linux LTS 21 Recommended Mar 9, 2022 Mar 8, 2022
Wind River Security Vulnerability Notice: CVE-2022-0001 Spectre-BHI and CVE-2022-0002 Spectre-IMBTI vulnerability on Intel CPU Researchers disclosed two new cache speculation vulnerability known as Branch History Injection (BHI) and Intra-mode BTI (IMBTI). A serials of Intel cpus are affected on it. Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD, Wind River Linux LTS 21 Recommended Mar 9, 2022 Mar 13, 2022
Wind River Security Vulnerability Notice: CVE-2021-44228, CVE-2021-4104, CVE-2021-45046, CVE-2021-45105, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307 Wind River Linux is not affected by CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2022-23302, CVE-2022-23305 or CVE-2022-23307. WRLinux 8 and earlier release is not affected by CVE-2021-4104 provided the JMSAppender component has not been manually activated. Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD, Wind River Linux LTS 21 Recommended Dec 13, 2021 Jan 19, 2022
Wind River Security Vulnerability Notice: CVE-2021-3711 Wind River Security Vulnerability Notice:CVE-2021-3711 of openssl Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD, Wind River Linux LTS 21 Recommended -- Aug 24, 2021
Wind River Security Vulnerability Notice: CVE-2021-33909 and CVE-2021-33910 Wind River Security Vulnerability Notice: CVE-2021-33909 and CVE-2021-33910 of linux kernel and systemd Wind River Linux 8, Wind River Linux 9, Wind River Linux LTS 17, Wind River Linux LTS 18, Wind River Linux LTS 19, Wind River Linux CD, Wind River Linux LTS 21 Recommended -- Jul 20, 2021
Wind River Security Vulnerability Notice: CVE-2020-1967 Wind River Security Vulnerability Notice: CVE-2020-1967 of openssl Wind River Linux LTS 18, Wind River Linux LTS 19 Recommended Apr 22, 2020 Apr 22, 2020
Wind River Security Vulnerability Notice: CVE-2018-8897 for linux kernel Wind River Security Vulnerability Notice: CVE-2018-8897 Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 9, Wind River Linux LTS 17 Recommended May 8, 2018 May 8, 2018
Wind River Security Vulnerability Notice: CVE-2018-5407 - side-channel vulnerability on SMT/Hyper-Threading architectures (aka PortSmash) Wind River Security Vulnerability Notice: CVE-2018-5407 - side-channel vulnerability on SMT/Hyper-Threading architectures (aka PortSmash) Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 9, Wind River Linux LTS 17 Recommended Nov 7, 2018 Nov 13, 2018
Wind River Security Vulnerability Notice: Stack-heap overflow Vulnerabilities - CVE-2017-1000364, CVE-2017-1000365, CVE-2017-1000366 Wind River Security Vulnerability Notice: Stack-heap overflow Vulnerabilities - CVE-2017-1000364, CVE-2017-1000365, CVE-2017-1000366 Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9 Recommended Jun 19, 2017 Jul 31, 2017
Wind River Security Vulnerability Note: DNSMasq Multiple Vulnerabilities - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704 Wind River Security Vulnerability Note: DNSMasq Multiple Vulnerabilities - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704 Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5, Wind River Linux 9 Recommended Oct 6, 2017 Oct 6, 2017
Wind River Security Alert: Open SSL 3.0.X Critical Vulnerability On October 26, 2022, Wind River® became aware of a new vulnerability in Open SSL versions 3.0.0 to 3.0.6. On November 1st, 2022, The Open SSL Group announced two High Vulnerabilities CVE-2022-3786 and CVE 2022-3602. The OpenSSL Project has released version 3.0.7, available on November 1st to remediate these vulnerabilities. These High vulnerabilities are likely to be exploitable; examples include ​significant disclosure of the contents of server memory (potentially revealing user details), vulnerabilities which can be easily exploited remotely to compromise server private keys, or where remote code execution is considered likely. Products Mandatory Oct 27, 2022 Nov 1, 2022
Wind River Security Alert for Wind River Linux SSLv3 POODLE vulnerability (CVE­-2014­-3566 & CVE-2014-3568) Wind River Security Alert for Wind River Linux SSLv3 POODLE vulnerability (CVE­-2014­-3566 & CVE-2014-3568) Wind River Linux 4, Linux 3, Wind River Linux 6, Wind River Linux 5 Recommended Oct 15, 2014 Oct 23, 2014
Wind River Security Alert for Wind River Linux several critical NTP vulnerabilities (CVE­-2014­-9293,CVE-2014-9294,CVE-2014-9295,CVE-2014-9296) Wind River Security Alert for Wind River Linux several critical NTP vulnerabilities (CVE­-2014­-9293,CVE-2014-9294,CVE-2014-9295,CVE-2014-9296) Wind River Linux 4, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 Recommended Dec 22, 2014 Dec 22, 2014
Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x (CVE-2014-6271 & CVE-2014-7169 & CVE-2014-7186 & CVE-2014-7187 & CVE-2014-6277 & CVE-2014-6278 ) Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x (CVE-2014-6271 & CVE-2014-7169 & CVE-2014-7186 & CVE-2014-7187 & CVE-2014-6277 & CVE-2014-6278) Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 Recommended Sep 24, 2014 Nov 20, 2014
Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 Recommended Aug 18, 2014 Aug 18, 2014
Wind River Security Alert for Wind River Linux 3.x/4.x/5.0.1.x/6.0.0.x Wind River Security Alert for Wind River Linux 3.x/4.x/5.0.1.x/6.0.0.x Wind River Linux 4, Linux 3, Wind River Linux 6, Wind River Linux 5 Recommended Apr 8, 2014 Apr 14, 2014
Wind River Security Alert for Logjam Attack Wind River Security Alert for Logjam Attack Wind River Linux 4, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 Recommended May 27, 2015 May 29, 2015
Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235) Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235) Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 Recommended Jan 29, 2015 Aug 10, 2015
Wind River Security Alert for CVE-2016-0728 Wind River Security Alert for CVE-2016-0728 Wind River Linux 5 Recommended Jan 21, 2016 Jan 25, 2016
Wind River Security Alert for 2 openssh vulnerabilities (CVE-2016-0777 and CVE-2016-0778) Wind River Security Alert for 2 openssh vulnerabilities (CVE-2016-0777 and CVE-2016-0778) Wind River Linux 8, Wind River Linux 7, Wind River Linux 6, Wind River Linux 5 Recommended Jan 15, 2016 Jan 15, 2016
Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298) Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298) Wind River Linux 4, Wind River Linux 6, Wind River Linux 5 Recommended Feb 5, 2015 Feb 5, 2015
Wind River Pulsar Linux Security Alert for ‘WPA security bug’ (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) WPA packet number reuse with replayed messages and key reinstallation. Effect on all our supporting release. Pulsar Linux 8 Recommended Oct 16, 2017 Oct 18, 2017
Wind River Linux Security Bulletin Latest Wind River Linux Security Bulletin Latest Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Apr 23, 2024 Apr 23, 2024
Wind River Linux Security Bulletin 2024-04-23 Wind River Linux Security Bulletin 2024-04-23 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Apr 23, 2024 Apr 23, 2024
Wind River Linux Security Bulletin 2024-04-18 Wind River Linux Security Bulletin 2024-04-18 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Apr 18, 2024 Apr 18, 2024
Wind River Linux Security Bulletin 2024-04-17 Wind River Linux Security Bulletin 2024-04-17 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Apr 17, 2024 Apr 17, 2024
Wind River Linux Security Bulletin 2024-04-11 Wind River Linux Security Bulletin 2024-04-11 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Apr 11, 2024 Apr 11, 2024
Wind River Linux Security Bulletin 2024-04-09 Wind River Linux Security Bulletin 2024-04-09 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Apr 9, 2024 Apr 9, 2024
Wind River Linux Security Bulletin 2024-04-03 Wind River Linux Security Bulletin 2024-04-03 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Apr 3, 2024 Apr 3, 2024
Wind River Linux Security Bulletin 2024-03-28 Wind River Linux Security Bulletin 2024-03-28 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Mar 28, 2024 Mar 28, 2024
Wind River Linux Security Bulletin 2024-03-26 Wind River Linux Security Bulletin 2024-03-26 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Mar 26, 2024 Mar 26, 2024
Wind River Linux Security Bulletin 2024-03-21 Wind River Linux Security Bulletin 2024-03-21 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Mar 21, 2024 Mar 21, 2024
Wind River Linux Security Bulletin 2024-03-19 Wind River Linux Security Bulletin 2024-03-19 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Mar 19, 2024 Mar 19, 2024
Wind River Linux Security Bulletin 2024-03-14 Wind River Linux Security Bulletin 2024-03-14 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Mar 14, 2024 Mar 14, 2024
Wind River Linux Security Bulletin 2024-03-12 Wind River Linux Security Bulletin 2024-03-12 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Mar 12, 2024 Mar 12, 2024
Wind River Linux Security Bulletin 2024-03-07 Wind River Linux Security Bulletin 2024-03-07 Wind River Linux LTS 19, Wind River Linux LTS 21, Wind River Linux LTS 22, Wind River Linux LTS 23 Recommended Mar 7, 2024 Mar 7, 2024
Live chat
Online