On Wed, Sep 13, 2023 at 3:30 AM Schweikhardt, Jens (TSPCE6-TL5) < jens.schweikha...@tesat.de> wrote:
> Hello, > > > > I wonder if RTEMS ever had a vulnerability for which a CVE was created > > (only the RTEMS OS proper, not libbsd or newlib or other components). > > Search engine results don’t turn up much, if anything, so I’m inclined to > think the answer is “no”. > > I found Gedare’s PDF about security hardening for EPICS/RTEMS talking a > bit about > > vulnerabilities, but that does not mention any true CVEs against RTEMS. > > Can anyone say with certainty there are no CVEs against RTEMS? > There was one reported for the GoAhead webserver which we used to bundle with RTEMS. But that CVE was filed against that package years after we removed it. Gedare Bloom posted information about it in October 2021. https://lists.rtems.org/pipermail/users/2021-October/068533.html There has never (fingers crossed) been one reported against RTEMS. I would expect there have been CVEs against packages used with RTEMS which we get from third parties. But I don't know about any of those. I'm not conceited enough to think it could never happen. It just hasn't. --joel > > Jens > > > > > > ------------------------------ > > Tesat-Spacecom GmbH & Co. KG > Sitz: Backnang; Registergericht: Amtsgericht Stuttgart HRA 270977 > Persoenlich haftender Gesellschafter: Tesat-Spacecom Geschaeftsfuehrungs > GmbH; > Sitz: Backnang; Registergericht: Amtsgericht Stuttgart HRB 271658; > Geschaeftsfuehrung: Thomas Reinartz, Kerstin Basche, Ralph Schmid > > [image: banner] > _______________________________________________ > users mailing list > users@rtems.org > http://lists.rtems.org/mailman/listinfo/users >
_______________________________________________ users mailing list users@rtems.org http://lists.rtems.org/mailman/listinfo/users
