[pkg-wpa-devel] Bug#689990: wpa: CVE-2012-4445 denial of service
Nico Golde
nion at debian.org
Mon Oct 8 19:52:39 UTC 2012
Package: wpa
Severity: grave
Tags: security patch
Hi,
the following vulnerability was published for hostapd.
CVE-2012-4445[0]:
| Timo Warns discovered that the internal authentication server of hostapd,
| a user space IEEE 802.11 AP and IEEE 802.1X/WPA/WPA2/EAP Authenticator,
| is vulnerable to a buffer overflow when processing fragmented EAP-TLS
| messages. As a result, an internal overflow checking routine terminates
| the process. An attacker can abuse this flaw to conduct denial of service
| attacks via crafted EAP-TLS messages prior to any authentication.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
Please also ask for an unblock on -release after fixing this issue so it will
be picked up for wheezy.
The patch I used for the DSA:
http://people.debian.org/~nion/nmu-diff/hostapd-0.6.10-2_0.6.10-2+squeeze1.patch
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4445
http://security-tracker.debian.org/tracker/CVE-2012-4445
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-wpa-devel/attachments/20121008/fabe7a97/attachment.pgp>
More information about the Pkg-wpa-devel
mailing list