First published: Mon Jun 15 2015(Updated: )
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/wpa | 2:2.7+git20190128+0c1e29f-6+deb10u3 2:2.9.0-21 2:2.10-12 2:2.10-15 | |
wpa_supplicant | =1.0 | |
wpa_supplicant | =1.1 | |
wpa_supplicant | =2.0 | |
wpa_supplicant | =2.1 | |
wpa_supplicant | =2.2 | |
wpa_supplicant | =2.3 | |
wpa_supplicant | =2.4 | |
hostapd | =1.0 | |
hostapd | =1.1 | |
hostapd | =2.0 | |
hostapd | =2.1 | |
hostapd | =2.2 | |
hostapd | =2.3 | |
hostapd | =2.4 | |
SUSE Linux | =13.1 | |
SUSE Linux | =13.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-4146 is classified as a denial of service vulnerability that can lead to a crash of the affected service.
To address CVE-2015-4146, update your wpa_supplicant or hostapd software to a version that is not vulnerable, such as versions after 2.4 or any patched release.
CVE-2015-4146 affects wpa_supplicant versions 1.0 through 2.4 and hostapd versions 1.0 through 2.4.
Yes, CVE-2015-4146 can be exploited remotely by sending crafted messages to trigger the vulnerability.
Exploitation of CVE-2015-4146 may result in the affected service crashing, leading to a denial of service.