Download
| Alert*
oval:org.secpod.oval:def:55018
wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:55306 A vulnerability was found in the WPA protocol implementation found in wpa_supplication and hostapd . The EAP-pwd implementation in hostapd and wpa_supplicant doesn"t properly validate fragmentation reassembly state when receiving an unexpected fragment. This could lead to a process crash due to a ... oval:org.secpod.oval:def:116920 hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a "daemon" program that runs in the back-ground and acts as the ... oval:org.secpod.oval:def:116602 wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 . Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association ... oval:org.secpod.oval:def:116730 hostapd is a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server. hostapd is designed to be a "daemon" program that runs in the back-ground and acts as the ... oval:org.secpod.oval:def:1801450 The EAP-pwd implementation in hostapd before 2.8 and wpa_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects eap_server/e ... oval:org.secpod.oval:def:1801451 The EAP-pwd implementation in hostapd before 2.8 and wpa_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects eap_server/e ... oval:org.secpod.oval:def:1801484 The EAP-pwd implementation in hostapd before 2.8 and wpa_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects eap_server/e ... oval:org.secpod.oval:def:1801453 The EAP-pwd implementation in hostapd before 2.8 and wpa_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects eap_server/e ... oval:org.secpod.oval:def:1801464 The EAP-pwd implementation in hostapd before 2.8 and wpa_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects eap_server/e ... oval:org.secpod.oval:def:1801486 The EAP-pwd implementation in hostapd before 2.8 and wpa_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects eap_server/e ... oval:org.secpod.oval:def:1801465 The EAP-pwd implementation in hostapd before 2.8 and wpa_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects eap_server/e ... oval:org.secpod.oval:def:1801458 The EAP-pwd implementation in hostapd before 2.8 and wpa_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects eap_server/e ... oval:org.secpod.oval:def:1901960 The EAP-pwd implementation in hostapd before 2.8 and wpasupplicant_supplicant before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference . This affects ea ... oval:org.secpod.oval:def:603929 A vulnerability was found in the WPA protocol implementation found in wpa_supplication and hostapd . The EAP-pwd implementation in hostapd and wpa_supplicant doesn"t properly validate fragmentation reassembly state when receiving an unexpected fragment. This could lead to a process crash due to a ... oval:org.secpod.oval:def:54577 wpa: client support for WPA and WPA2 wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. oval:org.secpod.oval:def:89046352 This update for wpa_supplicant fixes the following issues: - CVE-2022-23303, CVE-2022-23304: Fixed SAE/EAP-pwd side-channel attacks - CVE-2021-0326: Fixed P2P group information processing vulnerability - Fix systemd device ready dependencies in wpa_supplicant at .service file. - Limit P2P_DEVICE ... oval:org.secpod.oval:def:89000086 This update for wpa_supplicant fixes the following issues: Security issue fixed: - CVE-2019-16275: Fixed an AP mode PMF disconnection protection bypass . Non-security issues fixed: - Enable SAE support . - Limit P2P_DEVICE name to appropriate ifname size. - Fix wicked wlan - Restore fi.epitest.host ... oval:org.secpod.oval:def:89000520 This update for wpa_supplicant fixes the following issues: wpa_supplicant was updated to 2.9 release: * SAE changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * EAP-pwd changes - disable use of groups using Brain ... |