Описание
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range. An attacker in radio range of the access point could inject a specially constructed unauthenticated IEEE 802.11 frame to the access point to cause associated stations to be disconnected and require a reconnection to the network.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2:2.6-15ubuntu2.5 |
| devel | released | 2:2.9-1ubuntu2 |
| disco | released | 2:2.6-21ubuntu3.3 |
| esm-infra-legacy/trusty | released | 2.1-0ubuntu1.7+esm2 |
| esm-infra/bionic | released | 2:2.6-15ubuntu2.5 |
| esm-infra/xenial | released | 2.4-0ubuntu6.6 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | released | 2.1-0ubuntu1.7+esm2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | not-affected | 0.7.3-6ubuntu2.5 |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
EPSS
3.3 Low
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect ...
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
EPSS
3.3 Low
CVSS2
6.5 Medium
CVSS3