GHnet v2 Product Security Advisory
Green Hills Software LLC’s GHnet™ v2 network stack is based on the network stack from Treck Inc. Treck informed Green Hills Software of multiple vulnerabilities in its network stack, which were found by a third party.
While GHnet v2 is based on Treck’s network stack, the two are not identical. Green Hills Software has made many improvements, added new features, and fixed bugs in the product. Because of these improvements and INTEGRITY’s separation kernel architecture, the impact of these vulnerabilities on GHnet v2 is far less severe.
Green Hills Software has and will continue to advocate for running middleware, driver, and application code in partitioned virtual address spaces, rather than in the kernel. The INTEGRITY Real-Time Operating System was designed to provide isolation between applications and the kernel, protecting the rest of the system if an application fails or misbehaves. Due to the isolation provided by INTEGRITY, running the GHnet v2 stack in a virtual address space significantly reduces the impact of these vulnerabilities. Green Hills Software strongly recommends that the GHnet v2 network stack, all other middleware, and all application code be placed in separate virtual address spaces.
Green Hills Software will include fixes for these vulnerabilities in future releases of GHnet v2, and is making patches available to customers on previous releases. If you have questions about how these vulnerabilities may affect your system, please contact your Green Hills Software sales representative, or contact Green Hills Software Technical Support.