AR# 75430

Xilinx Product Security Statement: Ripple20 Vulnerabilities Affecting Treck IP Stacks

Description

Xilinx is aware of the security vulnerabilities known collectively as Ripple20 that impact Treck IP stack implementations for embedded systems.

Xilinx firmly believes that Xilinx products are not impacted by Ripple20.

Solution

After conducting a thorough review of Ripple20, the Xilinx Product Security Incident Response Team (PSIRT) has determined the following:

  • No instances of current or past Xilinx products shipped to customers contained the Treck TCP/IP solution.
  • While we have worked with the Treck TCP/IP solution in the past, it was limited to producing and verifying collateral, including answer records and application notes.
    Examples can be found here. Any Xilinx customer interested in incorporating the Treck TCP/IP solution would have had to work with Treck directly.
  • Most of this collateral is over ten years old, and Xilinx has not worked with the Treck TCP/IP solution in recent years.
AR# 75430
Date 08/17/2020
Status Active
Type General Article
Devices