Date: Thu, 07 May 2015 13:58:27 +0200 From: Martin Prpic <mprpic@...hat.com> To: "OSS Security Mailinglist" <oss-security@...ts.openwall.com> Subject: CVE request: vulnerability in wpa_supplicant and hostapd Hi, I don't see a CVE assigned for this anywhere: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt "EAP-pwd missing payload length validation A vulnerability was found in EAP-pwd server and peer implementation used in hostapd and wpa_supplicant, respectively. The EAP-pwd/Commit and EAP-pwd/Confirm message payload is processed without verifying that the received frame is long enough to include all the fields. This results in buffer read overflow of up to couple of hundred bytes." Patches are included in: http://w1.fi/security/2015-4/ Thank you! -- Martin Prpič / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ