Affected Product Versions
VxWorks 7 SR0610, VxWorks 7 SR0540, VxWorks 6.9
Description
Applicable to the following CVEs:
CVE-2019-12256 (V7NET-2423) Stack overflow in the parsing of IPv4 packets’ IP options
CVE-2019-12257 (VXW6-87101) Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc
CVE-2019-12255 (VXW6-87100) TCP Urgent Pointer = 0 leads to integer underflow
CVE-2019-12260 (V7NET-2425) TCP Urgent Pointer state confusion caused by malformed TCP AO option
CVE-2019-12261 (V7NET-2425) TCP Urgent Pointer state confusion during connect() to a remote host
CVE-2019-12263 (V7NET-2425) TCP Urgent Pointer state confusion due to race condition
CVE-2019-12258 (V7NET-2426) DoS of TCP connection via malformed TCP options
CVE-2019-12259 (V7NET-2428) DoS via NULL dereference in IGMP parsing
CVE-2019-12262 (V7NET-2427) Handling of unsolicited Reverse ARP replies (Logical Flaw)
CVE-2019-12264 (V7NET-2428) Logical flaw in IPv4 assignment by the ipdhcpc DHCP client
CVE-2019-12265 (V7NET-2428) IGMP Information leak via IGMPv3 specific membership report
Files content:
VxWorks-SR540-IPnet-CVE-Patch.zip: see README
VxWorks-6.9.4-IPnet-CVE-Patch.zip: see README
vx694_CVE_v2Src.zip: affected source files before and after applying the patch
VxWorks 7 SR0610 is affected by some of these vulnerabilities. Customers using VxWorks 7 SR0610 should upgrade to VxWorks 7 SR0620 which is the latest official release and includes fixes for these vulnerabilities.