Wind River® is aware of and has analyzed the glibc vulnerability reported as CVE-2015-7547. In cases where there is a vulnerability, the appropriate remediation is noted. For more details on this security vulnerability see CVE-2015-7547 National Vulnerability Database.

Product Vulnerability Exposure


The following is a list of Wind River products and their vulnerability to the CVE-2015-7547 security vulnerability. For products that are affected, a link to the appropriate online support page is provided. Links to workarounds and patches require a Wind River Support Network account.)



Product

Vulnerable

Versions

Remediation

Wind River Linux

Yes

8.x

Hot patch*
https://knowledge.windriver.com/en-us/000_Products/000/010/010/000/000_Wind_River_Linux_8.0_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547

Wind River Linux

Yes

7.x

Hot patch*
https://knowledge.windriver.com/en-us/000_Products/000/010/000/000/000_Wind_River_Linux_7.0_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547

Wind River Linux

Yes

6.x

Hot patch*
https://knowledge.windriver.com/en-us/000_Products/000/010/010/000/000_Wind_River_Linux_6.0_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547

Wind River Linux

Yes

5.0.1.x

Hot patch*
https://knowledge.windriver.com/en-us/000_Products/000/010/020/000/000_Wind_River_Linux_5.0.1_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547

Wind River Linux

Yes

4.3.0.x

Please contact your local Wind River representative or Support at
https://support.windriver.com/ols/forms/olsfeedback.php

Wind River Intelligent Device Platform

Yes

1.0, 2.0.x

Hot patch*
https://knowledge.windriver.com/en-us/000_Products/000/010/020/000/000_Wind_River_Linux_5.0.1_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547

Wind River Intelligent Device Platform XT

Yes

3.0.x

Hot patch*
https://knowledge.windriver.com/en-us/000_Products/000/010/000/000/000_Wind_River_Linux_7.0_Security_Alert_for_glibc_getaddrinfo()_stack-based_buffer_overflow__________--_CVE-2015-7547



Note: *You need an account to access the patches.