Description
Security update for hostapd
This update for hostapd fixes the following issues:
- CVE-2021-30004: forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c (boo#1184348)
- CVE-2020-12695: UPnP SUBSCRIBE misbehavior in hostapd WPS AP (boo#1172700)
- CVE-2019-16275: AP mode PMF disconnection protection bypass (boo#1150934)
- Added AppArmor profile (source apparmor-usr.sbin.hostapd)
Package list
openSUSE Leap 15.2
References
- E-Mail link for openSUSE-SU-2021:0519-1
- SUSE Security Ratings
- SUSE Bug 1150934
- SUSE Bug 1172700
- SUSE Bug 1184348
- SUSE CVE CVE-2019-16275 page
- SUSE CVE CVE-2020-12695 page
- SUSE CVE CVE-2021-30004 page
Description
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
Affected products
References
- CVE-2019-16275
- SUSE Bug 1150934
Description
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Affected products
References
- CVE-2020-12695
- SUSE Bug 1172700
- SUSE Bug 1179447
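The check that the CVE-2020-12695 description above says the specification did not require, sketched as an added example (not hostapd's code or its patch): a UPnP event publisher accepts a SUBSCRIBE delivery URL only when it points into the publisher's own network segment. The function names, the sample network and header, and the choice to accept only `http://` URLs with a literal IP host are assumptions of this example.

```python
import ipaddress
import re
from urllib.parse import urlsplit


def parse_callback_urls(header_value):
    """Return the <url> entries of a SUBSCRIBE CALLBACK header value."""
    return re.findall(r"<([^<>\s]+)>", header_value)


def callback_allowed(url, local_network):
    """True only for an http:// URL whose host is a literal IP in local_network."""
    net = ipaddress.ip_network(local_network, strict=False)
    try:
        parts = urlsplit(url)
        host = parts.hostname
        parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if parts.scheme != "http" or not host:
        return False
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        # Hostnames are refused: name resolution could point off-segment.
        return False
    return addr.version == net.version and addr in net


def filter_callbacks(header_value, local_network):
    """Split delivery URLs into (accepted, rejected) for one subscription."""
    accepted, rejected = [], []
    for url in parse_callback_urls(header_value):
        (accepted if callback_allowed(url, local_network) else rejected).append(url)
    return accepted, rejected


# Constructed sample: AP interface 192.168.1.1/24 and a CALLBACK header value.
SAMPLE_NET = "192.168.1.1/24"
SAMPLE_HEADER = ("<http://192.168.1.23:49152/evt> <http://203.0.113.9/evt> "
                 "<http://192.168.1.5@203.0.113.9/evt> <http://printer.local/evt>")

if __name__ == "__main__":
    ok, bad = filter_callbacks(SAMPLE_HEADER, SAMPLE_NET)
    print("accepted:", ok)
    print("rejected:", bad)
```

The third sample URL carries an on-segment address in the userinfo part; the check looks at the parsed host, so it is rejected along with the off-segment and hostname entries.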
Description
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
Affected products
References
- CVE-2021-30004
- SUSE Bug 1184348