Описание
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2:2.6-15ubuntu2.1 |
| devel | released | 2:2.6-18 |
| esm-infra-legacy/trusty | released | 2.1-0ubuntu1.6 |
| esm-infra/bionic | released | 2:2.6-15ubuntu2.1 |
| esm-infra/xenial | released | 2.4-0ubuntu6.3 |
| precise/esm | DNE | |
| trusty | released | 2.1-0ubuntu1.6 |
| trusty/esm | released | 2.1-0ubuntu1.6 |
| upstream | needs-triage | |
| xenial | released | 2.4-0ubuntu6.3 |
Показывать по
Ссылки на источники
EPSS
3.3 Low
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 throug ...
EPSS
3.3 Low
CVSS2
6.5 Medium
CVSS3