Denial of Service in wpa_supplicant (Aktualisierung)
ID: | USN-3969-2 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 14.04 ESM |
Datum: | Do, 9. Mai 2019, 19:12 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11555 |
Applikationen: | wpa_supplicant |
Update von: | Denial of Service in wpa_supplicant |
Originalnachricht |
|
--===============5957887577829215722== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-YPe5kd+ZDmPjM1VNTv/R" --=-YPe5kd+ZDmPjM1VNTv/R Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-3969-2 May 09, 2019 wpa vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM Summary: wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic. Software Description: - wpa: client support for WPA and WPA2 Details: USN-3969-1 fixed a vulnerability in wpa_supplicant and hostapd. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that wpa_supplicant and hostapd incorrectly handled unexpected fragments when using EAP-pwd. A remote attacker could possibly use this issue to cause a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: hostapd 2.1-0ubuntu1.7+esm1 wpasupplicant 2.1-0ubuntu1.7+esm1 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3969-2 https://usn.ubuntu.com/usn/usn-3969-1 CVE-2019-11555 --=-YPe5kd+ZDmPjM1VNTv/R Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCAAGBQJc1D/gAAoJEEW851uECx9pBvUP/29GRD3FRguHKZEmnlpQI06Q Ma0gOajfPoToFLcI1yDDWEdr9sz4SF/YAwVRj8Irw7gWUwt2umgzCrGKnTKoTIgJ g6xXgy98HnEKFBu8dfxtPInaA5YiPfIOddfqdLNZkxofGN64pjOhe3krPotcoqqw 9G/4S12Whykvc/VIn4F4/ZFSi/dqYJLF8phuheWlNV7MDypCp1UtOE4NV8A5RtYI aZJ95dVRY77qoztqdlqesct0lUwMGyBdkFePlh9bPHAwDryGuOOmDe4hp2U2kZ9y x9aDcxsQ5NVtBlKdydd94Wio+FJK1Oupbjw6m3jdRq++FjamIJH9PJUaVOrpda4G o+qBcSFkz1NSUlIKuK7YWCB7b73s7t1wL+U0QvR1Hq4J8o5hmAmlVIoZVJBbcPCZ 5MUMYHZ5XRgaXnG+SgeXAtWo6XStEfDcb7lAo9bNKa3NK2mmDIyBVQEo/4+0CEW9 Ov5uktR1GyNYfr855Owrg1xgBYbY3nCAc+zeoa6n8RMXX1/HAGewwxVrqEaWMkev 0lnvkLSlSLsgvcTwYO07EG3DhqtovXNG8ZF+CEzRl4bgx1xqDwvkcEjyB1ICorWL hLkt49NW4mbc0AIAok0KP/7J0x62XSYek63TY+7Nr7fTdhMiw47bTa5vEDt3T6gy znxQgJH9vr0zewZ3qNTK =gO/V -----END PGP SIGNATURE----- --=-YPe5kd+ZDmPjM1VNTv/R-- --===============5957887577829215722== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK --===============5957887577829215722==-- |