PT-2016-5970 · Hostap+1 · Wpa Supplicant+1

Imre Rad · Published 2016-05-09 · Updated 2024-06-15 · CVE-2016-4477

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

wpa_supplicant versions 0.4.0 through 2.5

Description

The issue allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service, via a crafted command. This is possible because wpa_supplicant does not reject \n and \r characters in passphrase parameters. Specifically, the vulnerability can be exploited through a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.

Recommendations

For wpa_supplicant versions 0.4.0 through 2.5, consider updating to a version that rejects \n and \r characters in passphrase parameters to prevent arbitrary library loading and potential privilege escalation or denial of service. As a temporary workaround, restrict access to the SET, SET_CRED, and SET_NETWORK commands to minimize the risk of exploitation. Avoid using the passphrase parameter with untrusted input in the affected commands until the issue is resolved.
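The check the recommendation describes, as an added example (not wpa_supplicant source and not part of this advisory): a formatter that refuses values containing \n or \r, next to the unchecked form. The function names, the `passphrase` key, the `extra_key` placeholder and the assumption that the parameter is later written as one line of a line-oriented configuration file are illustrative.

```c
#include <stdio.h>
#include <string.h>

/* 1 if the value contains LF or CR, the two characters the advisory names. */
static int has_line_break(const char *value)
{
    return strpbrk(value, "\r\n") != NULL;
}

/* "Before": formats key="value" as a config line without checking the value.
 * Returns the number of lines produced, or -1 if the buffer is too small.
 * Assumption: the parameter ends up in a line-oriented configuration file. */
int format_entry_unchecked(char *out, size_t len, const char *key,
                           const char *value)
{
    int n = snprintf(out, len, "%s=\"%s\"\n", key, value);
    int lines = 0;

    if (n < 0 || (size_t)n >= len)
        return -1;
    for (const char *p = out; *p; p++)
        lines += (*p == '\n');
    return lines;
}

/* "After": refuses the value before anything is formatted. */
int format_entry_checked(char *out, size_t len, const char *key,
                         const char *value)
{
    if (len == 0)
        return -1;
    if (has_line_break(value)) {
        out[0] = '\0';
        return -1;
    }
    return format_entry_unchecked(out, len, key, value);
}

int main(void)
{
    char buf[128];
    /* Constructed values; "extra_key" is a placeholder, not a real option. */
    const char *plain = "correct horse battery";
    const char *split = "first\nextra_key=1";

    printf("unchecked plain: %d\n", format_entry_unchecked(buf, sizeof(buf), "passphrase", plain));
    printf("unchecked split: %d\n", format_entry_unchecked(buf, sizeof(buf), "passphrase", split));
    printf("checked   split: %d\n", format_entry_checked(buf, sizeof(buf), "passphrase", split));
    return 0;
}
```

The unchecked form turns one value into two lines of output, which is the condition the fix removes by rejecting the value outright.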

Fix

DoS


Weakness Enumeration

Related Identifiers

CVE-2016-4477
DLA-473-1
MGASA-2016-0199
OPENSUSE-SU-2024:10499-1
USN-3455-1

Affected Products

Ubuntu
Wpa Supplicant