drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in wpa_supplicant
Name: |
Zwei Probleme in wpa_supplicant |
|
ID: |
USN-4734-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10 |
|
Datum: |
Fr, 12. Februar 2021, 07:12 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326 |
|
Applikationen: |
wpa_supplicant |
|
Originalnachricht |
--===============6909420854837479858== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="bda7maMjJbTZ4Ov1" Content-Disposition: inline
--bda7maMjJbTZ4Ov1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4734-1 February 11, 2021
wpa vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in wpa_supplicant and hostapd.
Software Description: - wpa: client support for WPA and WPA2
Details:
It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-0326)
It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. (CVE-2020-12695)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: hostapd 2:2.9-1ubuntu8.1 wpasupplicant 2:2.9-1ubuntu8.1
Ubuntu 20.04 LTS: hostapd 2:2.9-1ubuntu4.2 wpasupplicant 2:2.9-1ubuntu4.2
Ubuntu 18.04 LTS: hostapd 2:2.6-15ubuntu2.7 wpasupplicant 2:2.6-15ubuntu2.7
Ubuntu 16.04 LTS: hostapd 1:2.4-0ubuntu6.7 wpasupplicant 2.4-0ubuntu6.7
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://usn.ubuntu.com/4734-1 CVE-2020-12695, CVE-2021-0326
Package Information: https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu8.1 https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu4.2 https://launchpad.net/ubuntu/+source/wpa/2:2.6-15ubuntu2.7 https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.7
--bda7maMjJbTZ4Ov1 Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAmAlrtsACgkQLwmejQBe gfQV3A/7Bb3tCy8YirDJsV9dxdObSri6ZoxnS67Ecztiv6vU29VvjjuUV9NDD6kT 9Mp5wvOhnSeRHw432/AQ+8cI8e8toDTEIkWfmvUOyU6O7Oea3SgIULOpa7bUJXv7 je7b2jc01uQMaA5AAlqOiZEdFN4OyOYNCTtu4NRMQCToDtvYQKPmFj1LX9VLNV0H sDzq9FSBgfvWAXMg0retN0TQb4zrEeiGhMhTz7q71w3fAzgTrMDpxNJ3T65tVh0w jcT1Kd3uINn/sLQSaB9HF1745nzyx1V/fM7hVTECNpoCLNKQLQGCrxFcxOVewsrQ BM45tQeCXg1NNc1I4WSkjcF+rgPntfB/NxkyE6NkhObFJoctRtVzZiucmHVRRSU/ 8InQ2VlxawreVp48JMbDM6uL1w8BoGBPw8gLZhVbPgRG9VvkSLsaz11WqD1hVqY+ fcaHJJyws+JptOxEe928ArV6nKiyI1SMDmG2b5Pma8eADsBFM0coODgvQTJlhSSA pdh0zzL4Ru6vGT6dPaRbamBIunjWZkf1E1emcPoc2tNXIuLvy6v0K5q4/5p5RIK6 vElpx5E6LSG4N3EEMVnc2PAlSOQ955Z0j6yXEubquJk/Z3n7I+NwJ3wWgYRHQGjm bPhUP1gApDnfbtEv1bmGLGSJ81tuiZ0hVAGzhPjSlIBhFRSL+5c= =0ofw -----END PGP SIGNATURE-----
--bda7maMjJbTZ4Ov1--
--===============6909420854837479858== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|