PT-2015-2727 · Hostap+4 · Hostapd+4

Kostya Kortchinsky

Publicado

2015-06-01

Atualizado

2024-06-15

CVE-2015-4141

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions hostapd versions 0.7.0 through 2.4 wpa supplicant versions 0.7.0 through 2.4

Description The issue is related to the WPS UPnP function in hostapd and wpa supplicant, which can be exploited by remote attackers to cause a denial of service (crash) via a negative chunk length. This triggers an out-of-bounds read or heap-based buffer overflow. The vulnerability can be exploited by a remote attacker, allowing them to cause a denial of service.

Recommendations For hostapd versions 0.7.0 through 2.4, consider disabling the WPS UPnP function as a temporary workaround until a patch is available. For wpa supplicant versions 0.7.0 through 2.4, restrict the use of the WPS external registrar (ER) feature to minimize the risk of exploitation.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2016-1915

ALT-PU-2016-1916

BDU:2015-12092

CVE-2015-4141

DSA-3397-1

OPENSUSE-SU-2017_2896-1

OPENSUSE-SU-2020:2053-1

OPENSUSE-SU-2020:2059-1

OPENSUSE-SU-2020_2053-1

OPENSUSE-SU-2020_2059-1

OPENSUSE-SU-2024:10022-1

OPENSUSE-SU-2024:10499-1

SUSE-SU-2015:2221-1

SUSE-SU-2015_2221-1

SUSE-SU-2016:2305-1

SUSE-SU-2016_2305-1

SUSE-SU-2020:3380-1

SUSE-SU-2020_3380-1

USN-2650-1

Produtos afetados

Alt Linux

Suse

Ubuntu

Hostapd

Wpa Supplicant

PT-2015-2727 · Hostap+4 · Hostapd+4

CVE-2015-4141

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 175