Integer overflow

2019-05-2917:29:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.4%

JSON

When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.

CPENameOperatorVersion
vxworkseq6.8
vxworkseq6.7
vxworkseq6.6
vxworksge6.9
vxworkslt6.9.1

Name	Operator	Version
vxworks	eq	6.8
vxworks	eq	6.7
vxworks	eq	6.6
vxworks	ge	6.9
vxworks	lt	6.9.1

References

support2.windriver.com/index.php?page=security-notices

www.windriver.com/feeds/wind_river_security_notices.xml