PT-2019-2182 · Linux · wpa_supplicant
Published 2019-04-10 · Updated 2022-06-01
CVE-2019-9498
CVSS v3.1: 8.1 (High)
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
hostapd with SAE support versions prior to 2.4
wpa_supplicant with SAE support versions prior to 2.4
hostapd with EAP-pwd support versions 2.7 and earlier
wpa_supplicant with EAP-pwd support versions 2.7 and earlier
Description
The EAP-pwd implementations in the hostapd EAP server and the wpa_supplicant EAP peer do not validate the scalar and element values received in EAP-pwd-Commit when they are built against a crypto library that does not itself validate imported group elements. RFC 5931 requires the receiver to check that the scalar lies within the valid range for the group order and that the element is a valid point on the negotiated curve (on the curve and not the identity). Without these checks an attacker can send crafted scalar/element values and complete EAP-pwd authentication without knowing the password. Unless the crypto library also omits the check that the received point lies on the curve, the attacker cannot derive the session key or finish the key exchange; when that on-curve check is missing as well, the attacker obtains the session key and network access without ever learning the password.
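The following is an added example, not code from hostapd or wpa_supplicant, showing the validation a receiver of EAP-pwd-Commit has to apply and what a non-validating receiver computes instead. It uses NIST P-256 with plain affine arithmetic; the range check 1 < scalar < q, the choice of G as a stand-in for the password element PWE, and the attacker's commit (scalar 0 with the off-curve point (0, 0)) are assumptions constructed for the illustration, not taken from the advisory or the projects' code.

```python
# Added example (not hostapd/wpa_supplicant code): validating an EAP-pwd-Commit
# (scalar, element) pair for NIST P-256 and showing what goes wrong without it.
# Curve parameters are from FIPS 186-4; the arithmetic is plain affine math.

P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
Q = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
INF = None  # point at infinity (group identity)


def ec_add(p1, p2):
    """Affine point addition. B never appears here: the formulas work the same
    on any curve y^2 = x^3 + A*x + b', which is why an off-curve ("invalid
    curve") element is dangerous when it is not rejected."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:  # p2 == -p1, or y == 0 (a point of order 2)
            return INF
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    r = INF
    while k:
        if k & 1:
            r = ec_add(r, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return r


def validate_commit(scalar, element):
    """Checks a receiver of EAP-pwd-Commit applies before using the values.
    Range used here: 1 < scalar < q (assumption for this example).
    Returns (ok, reason)."""
    if not 1 < scalar < Q:
        return False, "scalar out of range"
    x, y = element
    if not (0 <= x < P and 0 <= y < P):
        return False, "element coordinate out of field"
    if (y * y - (x * x * x + A * x + B)) % P != 0:
        return False, "element not on curve"
    # An affine (x, y) pair cannot encode the identity, and P-256 has
    # cofactor 1, so every on-curve point already has order q. The explicit
    # order check is kept so the function also covers curves with a cofactor.
    if ec_mul(Q, element) is not INF:
        return False, "element has wrong order"
    return True, "ok"


def naive_server_key(s_server, pwe, peer_scalar, peer_element):
    """Shared point as the server computes it (RFC 5931) WITHOUT validation:
    K = s_server * (peer_scalar * PWE + peer_element).
    With honest inputs this equals s_server * s_peer * PWE."""
    return ec_mul(s_server, ec_add(ec_mul(peer_scalar, pwe), peer_element))


# Constructed attacker commit: scalar 0 drops the password-derived PWE out of
# the computation, and (0, 0) lies on the invalid curve y^2 = x^3 - 3x (b' = 0),
# where it has order 2. A non-validating server then derives K from one of
# only two possible values, neither of which depends on the password.
ATTACK_SCALAR = 0
ATTACK_ELEMENT = (0, 0)


def attack_outcome(s_server, pwe):
    """What a non-validating server computes for the constructed commit:
    the attacker's own element if s_server is odd, the identity if it is even."""
    return naive_server_key(s_server, pwe, ATTACK_SCALAR, ATTACK_ELEMENT)


if __name__ == "__main__":
    pwe = G  # constructed stand-in for the real password element
    print(validate_commit(ATTACK_SCALAR, ATTACK_ELEMENT))  # rejected
    print(validate_commit(12345, ATTACK_ELEMENT))          # rejected (off curve)
    print(validate_commit(12345, G))                       # accepted
    print(attack_outcome(7, pwe), attack_outcome(8, pwe))
```

Both halves of the check matter independently: the range check alone stops scalar 0 from erasing the PWE term, and the on-curve check alone stops the point-of-order-2 trick, which is why the advisory distinguishes "authentication completes" from "session key recovered" depending on which check the crypto library still performs.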
Recommendations
For hostapd with SAE support versions prior to 2.4, update to version 2.4 or later.
For wpa_supplicant with SAE support versions prior to 2.4, update to version 2.4 or later.
For hostapd with EAP-pwd support versions 2.7 and earlier, update to version 2.8 or later.
For wpa_supplicant with EAP-pwd support versions 2.7 and earlier, update to version 2.8 or later.
Weakness type
Origin Validation Error (CWE-346)
Improper Authentication (CWE-287)
Related Identifiers
Affected Products
ALT Linux
FreeBSD
SUSE
Ubuntu
hostapd
wpa_supplicant