CVE-2015-5310

Name of the Vulnerable Software and Affected Versions wpa supplicant versions 2.x before 2.6

Description The issue is related to the WNM Sleep Mode code in wpa supplicant, which does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated. This allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service. Additionally, there is a Wi-Fi module vulnerability in the Android operating system related to the lack of protection for service data, which can allow an attacker to obtain confidential information about wireless network parameters by accessing the local physical environment.

Recommendations For wpa supplicant versions 2.x before 2.6, update to version 2.6 or later to resolve the issue. As a temporary workaround, consider disabling the WNM Sleep Mode feature until a patch is available. Restrict access to the Wi-Fi module to minimize the risk of exploitation.