Wind River® is committed to delivering secure, reliable products that keep your devices protected. As part of this commitment, our Security Response Team is constantly monitoring and assessing thousands of notifications from CERT-accepted authorities and agencies, Linux security communities such as oss-security, and our customers. Wind River prioritizes these notifications, responds, and proactively contacts customers for timely alerts, enabling them to secure their devices.
The recently reported MDS hardware vulnerability has been addressed by the Security Response Team. MDS is a group of speculative execution side channel vulnerabilities.
MDS is tracked under the following CVE entries:
We have determined that some Wind River products are impacted, including the following:
- Wind River Linux
- Wind River Titanium Cloud
Customers with questions about these vulnerabilities should contact Wind River Customer Support or their local Wind River representative for information regarding mitigation.
The following list provides information about Wind River products and the CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, and CVE-2019-11091 vulnerabilities. For additional questions, please contact Wind River Customer Support or your Wind River sales representative.
|Wind River Linux||Please see the Wind River security notice at https://support2.windriver.com/index.php?page=security-notices&on=view&id=6621|
|Wind River Titanium Cloud||https://support2.windriver.com/index.php?page=security-notices&on=view&id=6633|
We continue to monitor the situation on our security mailing lists in case there are new developments, and will post periodic updates via RSS feeds and the Wind River Support Network.