Wind River Security Notice: CVE-2015-7547 Vulnerabilities

Wind River Vulnerability Security Notice: CVE-2015-7547

Wind River^® is aware of and has analyzed the glibc vulnerability reported as CVE-2015-7547. In cases where there is a vulnerability, the appropriate remediation is noted. For more details on this security vulnerability see CVE-2015-7547 National Vulnerability Database.

Product Vulnerability Exposure

The following is a list of Wind River products and their vulnerability to the CVE-2015-7547 security vulnerability. For products that are affected, a link to the appropriate online support page is provided. Links to workarounds and patches require a Wind River Support Network account.)

Product	Vulnerable	Versions	Remediation
Wind River Linux	Yes	8.x	Hot patch* https://knowledge.windriver.com/en-us/000_Products/000/010/010/000/000_Wind_River_Linux_8.0_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547
Wind River Linux	Yes	7.x	Hot patch* https://knowledge.windriver.com/en-us/000_Products/000/010/000/000/000_Wind_River_Linux_7.0_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547
Wind River Linux	Yes	6.x	Hot patch* https://knowledge.windriver.com/en-us/000_Products/000/010/010/000/000_Wind_River_Linux_6.0_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547
Wind River Linux	Yes	5.0.1.x	Hot patch* https://knowledge.windriver.com/en-us/000_Products/000/010/020/000/000_Wind_River_Linux_5.0.1_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547
Wind River Linux	Yes	4.3.0.x	Please contact your local Wind River representative or Support at https://support.windriver.com/ols/forms/olsfeedback.php
Wind River Intelligent Device Platform	Yes	1.0, 2.0.x	Hot patch* https://knowledge.windriver.com/en-us/000_Products/000/010/020/000/000_Wind_River_Linux_5.0.1_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547
Wind River Intelligent Device Platform XT	Yes	3.0.x	Hot patch* https://knowledge.windriver.com/en-us/000_Products/000/010/000/000/000_Wind_River_Linux_7.0_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547

Note: *You need an account to access the patches.

Wind River Edge Products »

VxWorks

Wind River Linux

Wind River Helix Virtualization Platform

eLxr Pro

Wind River Studio

Pipelines

Virtual Lab

Test Automation

Over-the-Air Updates

Digital Feedback Loop

Cloud Platform

Conductor

Analytics

Industries & Insights

Resource Library

Wind River Studio Services »

Wind River Acceleration Program

Security & Support

Security Center

Support Network

About Wind River »

Wind River Vulnerability Security Notice: CVE-2015-7547

Wind River^® is aware of and has analyzed the glibc vulnerability reported as CVE-2015-7547. In cases where there is a vulnerability, the appropriate remediation is noted. For more details on this security vulnerability see CVE-2015-7547 National Vulnerability Database.

Product Vulnerability Exposure

Wind River Edge Products »

VxWorks

Wind River Linux

Wind River Helix Virtualization Platform

eLxr Pro

Wind River Studio

Pipelines

Virtual Lab

Test Automation

Over-the-Air Updates

Digital Feedback Loop

Cloud Platform

Conductor

Analytics

Industries & Insights

Resource Library

Wind River Studio Services »

Wind River Acceleration Program

Security & Support

Security Center

Support Network

About Wind River »

Wind River Vulnerability Security Notice: CVE-2015-7547

Wind River® is aware of and has analyzed the glibc vulnerability reported as CVE-2015-7547. In cases where there is a vulnerability, the appropriate remediation is noted. For more details on this security vulnerability see CVE-2015-7547 National Vulnerability Database.

Product Vulnerability Exposure

Wind River^® is aware of and has analyzed the glibc vulnerability reported as CVE-2015-7547. In cases where there is a vulnerability, the appropriate remediation is noted. For more details on this security vulnerability see CVE-2015-7547 National Vulnerability Database.