Commit e41f5efa authored by Lev Lamberov's avatar Lev Lamberov

[SECURITY] [DSA 4538-1] wpa security update

parent ebb3ad7d
<define-tag pagetitle>DSA-4538-1 wpa</define-tag>
<define-tag report_date>2019-9-29</define-tag>
<define-tag secrefs>CVE-2019-13377 CVE-2019-16275 Bug#934180 Bug#940080</define-tag>
<define-tag packages>wpa</define-tag>
<define-tag isvulnerable>yes</define-tag>
<define-tag fixed>yes</define-tag>
<define-tag fixed-section>no</define-tag>
#use wml::debian::security
</dl>
<define-tag description>security update</define-tag>
<define-tag moreinfo>
<p>Two vulnerabilities were found in the WPA protocol implementation found in
wpa_supplication (station) and hostapd (access point).</p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-13377">CVE-2019-13377</a>
<p>A timing-based side-channel attack against WPA3's Dragonfly handshake when
using Brainpool curves could be used by an attacker to retrieve the
password.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-16275">CVE-2019-16275</a>
<p>Insufficient source address validation for some received Management frames
in hostapd could lead to a denial of service for stations associated to an
access point. An attacker in radio range of the access point could inject a
specially constructed unauthenticated IEEE 802.11 frame to the access point
to cause associated stations to be disconnected and require a reconnection
to the network.</p></li>
</ul>
<p>For the stable distribution (buster), these problems have been fixed in
version 2:2.7+git20190128+0c1e29f-6+deb10u1.</p>
<p>We recommend that you upgrade your wpa packages.</p>
<p>For the detailed security status of wpa please refer to
its security tracker page at:
<a href="https://security-tracker.debian.org/tracker/wpa">\
https://security-tracker.debian.org/tracker/wpa</a></p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/security/2019/dsa-4538.data"
# $Id: $
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment