MGASA-2020-0244
- Source
- https://advisories.mageia.org/MGASA-2020-0244.html
- Import Source
- https://advisories.mageia.org/MGASA-2020-0244.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2020-0244
- Related
- Published
- 2020-06-10T22:26:12Z
- Modified
- 2020-06-10T21:54:00Z
- Summary
- Updated wpa_supplicant packages fix security vulnerability
- Details
-
Updated wpa_supplicant and hostpad packages fix security vulnerability:
A vulnerability was discovered in wpasupplicant. When Access Point (AP) mode and Protected Management Frames (PMF) (IEEE 802.11w) are enabled, wpasupplicant does not perform enough validation on the source address of some received management frames. An attacker within the 802.11 communications range could use this flaw to inject an unauthenticated frame and perform a denial-of-service attack against another device which would be disconnected from the network (CVE-2019-16275).
- References
-
- https://advisories.mageia.org/MGASA-2020-0244.html
- https://bugs.mageia.org/ishow_bug.cgi?id=25430
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275è
- https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/36G4XAZ644DMHBLKOL4FDSPZVIGNQY6U/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FEGITWRTIWABW54ANEPCEF4ARZLXGSK5/
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:7 / wpa_supplicant
Package
- Name
- wpa_supplicant
- Purl
- pkg:rpm/mageia/wpa_supplicant?distro=mageia-7
Mageia:7 / hostapd
Package
- Name
- hostapd
- Purl
- pkg:rpm/mageia/hostapd?distro=mageia-7