ALT-PU-2025-13845-3

Package update wpa_supplicant in branch c10f2

Version2.11-alt4

Published2025-11-05

Max severityMEDIUM

Severity:

Closed issues (2)

MEDIUM6.5

Уязвимость реализации протокола PEAP (Protected Extensible Authentication Protocol) клиента защищённого доступа Wi-Fi WPA Supplicant, позволяющая нарушителю перехватить незашифрованный транзитный трафик пользователя

Published: 2024-02-19Modified: 2026-01-20

CVSS 3.xMEDIUM 6.5

CVSS:3.x/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS 2.0HIGH 8.3

CVSS:2.0/AV:A/AC:L/Au:N/C:C/I:C/A:C

References

CVE-2023-52160

MEDIUM6.5

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.

Published: 2024-02-22Modified: 2025-11-04

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References

Closed bugs (2)

не работает wifi на ноутбуке с BCM4352, после обновления с пакетом wpa_supplicant-2.11

wpa_supplicant: спамит сообщениями CTRL-EVENT-SIGNAL-CHANGE