projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 749fbab) | patch
package/wpa_supplicant: fix CVE-2019-16275
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Mon, 30 Mar 2020 21:55:00 +0000 (23:55 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Thu, 2 Apr 2020 19:54:25 +0000 (21:54 +0200)
commit650d907c13e546d508feb6ef03a10cfe8609b3aa
tree7d8cddae3544b5e3fba00a53d1d15371cda1e06ftree
parent749fbab0bb4bad3748d164f8c25485618f0ed1cecommit | diff
package/wpa_supplicant: fix CVE-2019-16275

hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect
indication of disconnection in certain situations because source address
validation is mishandled. This is a denial of service that should have
been prevented by PMF (aka management frame protection). The attacker
must send a crafted 802.11 frame from a location that is within the
802.11 communications range.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/wpa_supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch [new file with mode: 0644] blob
package/wpa_supplicant/wpa_supplicant.mk diff | blob | history