Wind River Support Network

HomeSecurity NoticesWind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235)
Recommended

Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235)

Released: Jan 29, 2015     Updated: Aug 10, 2015

Summary

Wind River Security Alert for GHOST gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235)


Affected Product Versions

Wind River Linux 4, Wind River Linux 5, Wind River Linux 6

Downloads


Description

This alert confirms that the following Wind River Linux releases are susceptible to the ghost gethostbyname heap overflow in glibc/eglibc (CVE-2015-0235).

Description:
===========
The vulnerabilities affect the glibc versions < 2.18, so Wind River Linux 2.0.x/3.0.x/4.3.0.x/5.0.1.x/6.0.x are affected by this vulnerability.

The details of the vulnerability can be found at http://www.openwall.com/lists/oss-security/2015/01/27/9

Note:
===========
WRLinux 7.0 and above are not susceptible to the ghost gethostbyname heap overflow in glibc/eglibc because they use glibc version 2.18 or higher.
WRLinux 6.0.x ships (in source form) both glibc 2.17 and 2.18. The default used in WRL 6 is 2.18. It will be affected if a project meets the following criteria:

1) --enable-unsupported-toolchain=openembedded-core is set when configuring the project.
2) PREFERRED_VERSION_eglibc = "2.17" is added to .conf file, to explicitly instruct the building system that glibc 2.17 is wanted.

Disable the above options.

Plan:
===========
We will ship the fix in WRLinux4.3.0.29/WRLinux5.0.1.24/WRLinux6.0.0.18.


Temp fixes:
===========

WRL4.3.0.28

$cd productdir/wrlinux-4/layers/updates/RCPL-4.3-WRL.0028/wrll-toolchain-4.4a-457/common/tools/glibc/patches
$cp cve-2015-0235-wr4.patch .
$echo cve-2015-0235-wr4.patch >> patches.list
$configure the project with --with-template=feature/build_libc
$make fs


WRL5.0.1.16

$configure a new project with --enable-build-libc and without --with-sstate-dir option to ensure the patch can be applied successfully.
$make bbs
$bitbake wrl-glibc-rebuild -c patch
$pushd ../build/wrl-glibc-rebuild-*
$cd glibc-*
$patch -Np1 < cve-2015-0235-wr5.patch
$popd
$exit
$make fs


The 2.0.x/3.0.x are End of Life (EOL). Contact Wind River Support at +1-800-872-4977 or your local Wind River representative for the Wind River Linux 2.0.x/3.0.x fix.


Live chat
Online