[USN-3969-2] wpa_supplicant and hostapd vulnerability
Leonidas S. Barbosa
leo.barbosa at canonical.com
Thu May 9 14:57:36 UTC 2019
Ubuntu Security Notice USN-3969-2
May 09, 2019
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
wpa_supplicant and hostapd could be made to crash if they received
specially crafted network traffic.
- wpa: client support for WPA and WPA2
USN-3969-1 fixed a vulnerability in wpa_supplicant and hostapd. This
update provides the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that wpa_supplicant and hostapd incorrectly handled
unexpected fragments when using EAP-pwd. A remote attacker could
possibly use this issue to cause a denial of service.
The problem can be corrected by updating your system to the following
Ubuntu 14.04 ESM:
After a standard system update you need to reboot your computer to make
all the necessary changes.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: This is a digitally signed message part
More information about the ubuntu-security-announce