AM3352: Ripple20 vulnerability

Takayuki Miyazaki

Genius 10120 points

Part Number: AM3352

Hello team,

I received an inquiry from a customer about the Ripple20 vulnerability of Treck TCP/IP Stack.

I was able to find similar threads as follows, however, please allow me to ask this for AM335x device/SDK.

https://e2e.ti.com/support/processors/f/791/t/916293

https://e2e.ti.com/support/processors/f/791/t/918983

If customer did not use some third-party software that includes this TCP/IP stack from Treck, I understand that AM335x-system which customer developed is not vulnerable to this set of issues.

Can we have expert's advice/comments on this, please?

Best regards,

Miyazaki

over 5 years ago

0 Garrett Ding over 5 years ago

TI__Mastermind 43296 points

Miyazaki,

The Ripple20 vulnerability is identified from Treck TCP/IP Stack as you noted. More details about the issue is captured here:

I will try to reach out to our NDK team to see if any more comments in addition to the threads you referred to.

Regards,
Garrett

0 Takayuki Miyazaki over 5 years ago in reply to Garrett Ding

TI__Genius 10120 points

Hello Garrett,

Can I say that AM335x(Linux SDK) is not vulnerable to this set of issues?

best regards, Miyazaki

0 Garrett Ding over 5 years ago in reply to Takayuki Miyazaki

TI__Mastermind 43296 points

Miyazaki,

Yes, this aligns with the statement here -

Regards,

Garrett

0 Takayuki Miyazaki over 5 years ago in reply to Garrett Ding

TI__Genius 10120 points

Hi Garrett-san,

Thank you for your clarification / hard-work.

Best regards, Miyazaki

Processors

Processors forum

AM3352: Ripple20 vulnerability