Wind River Support Network

HomeSecurity NoticesWind River Security Vulnerability Note: DNSMasq Multiple Vulnerabilities - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704
Recommended

Wind River Security Vulnerability Note: DNSMasq Multiple Vulnerabilities - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704

Released: Oct 6, 2017     Updated: Oct 6, 2017

Summary

Wind River Security Vulnerability Note: DNSMasq Multiple Vulnerabilities - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704


Affected Product Versions

Wind River Linux 9, Wind River Linux 5, Wind River Linux 6, Wind River Linux 7, Wind River Linux 8

Description

Wind River® is committed to delivering secure, reliable products that keep your devices protected. As part of this commitment, our Security Response Team is constantly monitoring and assessing thousands of notifications from CERT-accepted authorities and agencies, Linux security communities such as oss-security, and our customers. Wind River prioritizes these notifications, responds, and proactively contacts customers for timely alerts, enabling them to secure their devices.

The latest reported DNSMasq vulnerabilities, tracked under the following CVE entries - CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, and CVE-2017-13704, are being addressed by the Security Response Team. The following Wind River Linux versions are affected:

Linux 9
Linux 8
Linux 7
Linux 6
Linux 5


This issue has been rated as HIGH, reference https://knowledge.windriver.com/en-us/020_Product_Support_Policies/010/000_Security_Vulnerability_Response_Policy

The various patches are not yet ready. We will update this page when the patches become available.

We will continue to monitor the situation in case there are new developments. If necessary, we will post periodic updates via RSS feeds and the Wind River Support Network.

www.windriver.com/feeds/wrlinux_900.xml
www.windriver.com/feeds/wrlinux_800.xml
www.windriver.com/feeds/wrlinux_700.xml
www.windriver.com/feeds/wrlinux_600.xml
www.windriver.com/feeds/wrlinux_500.xml

Changelog

2017.10.05: Initial notice

Live chat
Online