PT-2015-5477 · Hostap+5 · Wpa Supplicant+5

Jouni Malinen

Published

2015-04-21

Updated

2024-06-15

CVE-2015-1863

CVSS v2.0

5.8

Medium

Vector

AV:A/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions wpa supplicant versions 1.0 through 2.4

Description The issue allows remote attackers to cause a denial of service, read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.

Recommendations For wpa supplicant versions 1.0 through 2.4, update to a version that contains a fix for this issue to prevent potential exploitation.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2015-1400

ALT-PU-2016-1916

CESA-2015_1090

CVE-2015-1863

DSA-3233-1

OPENSUSE-SU-2015_0813-1

OPENSUSE-SU-2017_2896-1

OPENSUSE-SU-2024:10022-1

OPENSUSE-SU-2024:10499-1

RHSA-2015:1090

RHSA-2015_1090

SUSE-SU-2015:1013-1

USN-2577-1

Affected Products

Alt Linux

Centos

Red Hat

Suse

Ubuntu

Wpa Supplicant

PT-2015-5477 · Hostap+5 · Wpa Supplicant+5

CVE-2015-1863

Weakness Enumeration

Related Identifiers

Affected Products

References · 104