Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 937483 (CVE-2024-5290)

Summary: net-wireless/wpa_supplicant: possible privilege escalation
Product: Gentoo Security Reporter: foufou33
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: UNCONFIRMED ---    
Severity: normal CC: foufou33, zerochaos
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://ubuntu.com/security/CVE-2024-5290
Whiteboard: A1 [ebuild]
Package list:
Runtime testing required: ---

Description foufou33 2024-08-07 07:19:58 UTC 
fom debian/ubuntu 
CVE-2024-5290
An issue was discovered in wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpa_supplicant runs as (usually root).

Patch available here: https://launchpadlibrarian.net/742553699/wpa_2%3A2.10-21_2%3A2.10-21ubuntu0.1.diff.gz

Reproducible: Always
Comment 1 foufou33 2024-08-07 07:21:12 UTC 
Debian's DSA https://security-tracker.debian.org/tracker/DSA-5739-1