All errata/c8/ALT-PU-2017-2452-1
ALT-PU-2017-2452-1

Package update wpa_supplicant in branch c8

Version2.6-alt1.M80C.1
Task#190888
Published2017-10-17
Max severityHIGH
Severity:

Closed issues (22)

BDU:2017-02263
HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (pairwise key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23
CVSS 3.xHIGH 7.9
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 7.9
CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C
References
BDU:2017-02264
HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23
CVSS 3.xHIGH 7.9
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 7.9
CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C
References
BDU:2017-02265
HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (integrity group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23
CVSS 3.xHIGH 7.9
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 7.9
CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C
References
BDU:2017-02266
HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23
CVSS 3.xHIGH 7.9
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 7.9
CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C
References
BDU:2017-02267
HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (integrity group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23
CVSS 3.xHIGH 7.9
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 7.9
CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C
References
BDU:2017-02268
HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (pairwise key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23
CVSS 3.xHIGH 7.9
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 7.9
CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C
References
BDU:2017-02270
HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (Tunered Direct Link PeerKey) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23
CVSS 3.xHIGH 7.9
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 7.9
CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C
References
BDU:2017-02271
HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23
CVSS 3.xHIGH 7.9
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 7.9
CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C
References
BDU:2017-02272
HIGH7.9

Уязвимость протокола WPA2, связанная с ошибками управления криптографическими ключами (integrity group key) и позволяющая получить доступ к зашифрованной информации, передаваемой по беспроводной сети

Published: 2017-10-18Modified: 2021-03-23
CVSS 3.xHIGH 7.9
CVSS:3.x/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS 2.0HIGH 7.9
CVSS:2.0/AV:A/AC:M/Au:N/C:C/I:C/A:C
References
CVE-2015-5314
MEDIUM5.9

The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.

Published: 2018-02-21Modified: 2024-11-21
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 3.xMEDIUM 5.9
CVSS:3.x/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
References
CVE-2015-5315
MEDIUM5.9

The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.

Published: 2018-02-21Modified: 2024-11-21
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 3.xMEDIUM 5.9
CVSS:3.x/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
References
CVE-2015-5316
MEDIUM5.9

The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an EAP-pwd Confirm message followed by the Identity exchange.

Published: 2018-02-21Modified: 2024-11-21
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 3.xMEDIUM 5.9
CVSS:3.x/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
References
CVE-2016-4476
HIGH7.5

hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.

Published: 2016-05-09Modified: 2025-04-12
CVSS 2.0MEDIUM 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
CVE-2017-13077
MEDIUM6.8

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Published: 2017-10-17Modified: 2025-04-20
CVSS 2.0MEDIUM 5.4
CVSS:2.0/AV:A/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xMEDIUM 6.8
CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
References
CVE-2017-13078
MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20
CVSS 2.0LOW 2.9
CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N
CVSS 3.xMEDIUM 5.3
CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
References
CVE-2017-13079
MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20
CVSS 2.0LOW 2.9
CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N
CVSS 3.xMEDIUM 5.3
CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
References
CVE-2017-13080
MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20
CVSS 2.0LOW 2.9
CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N
CVSS 3.xMEDIUM 5.3
CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
References
CVE-2017-13081
MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20
CVSS 2.0LOW 2.9
CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N
CVSS 3.xMEDIUM 5.3
CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
References
CVE-2017-13082
HIGH8.1

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Published: 2017-10-17Modified: 2025-04-20
CVSS 2.0MEDIUM 5.8
CVSS:2.0/AV:A/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.1
CVSS:3.x/CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
CVE-2017-13086
MEDIUM6.8

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Published: 2017-10-17Modified: 2025-04-20
CVSS 2.0MEDIUM 5.4
CVSS:2.0/AV:A/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xMEDIUM 6.8
CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
References
CVE-2017-13087
MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20
CVSS 2.0LOW 2.9
CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N
CVSS 3.xMEDIUM 5.3
CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
References
CVE-2017-13088
MEDIUM5.3

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Published: 2017-10-17Modified: 2025-04-20
CVSS 2.0LOW 2.9
CVSS:2.0/AV:A/AC:M/Au:N/C:N/I:P/A:N
CVSS 3.xMEDIUM 5.3
CVSS:3.x/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
References