696024 – TRACKER: hostapd/wpa_supplicant: multiple vulnerabilities (CVE-2019-{13377,16275})

Bug 696024 - TRACKER: hostapd/wpa_supplicant: multiple vulnerabilities (CVE-2019-{13377,16275})

Summary: TRACKER: hostapd/wpa_supplicant: multiple vulnerabilities (CVE-2019-{13377,16...

Status:	RESOLVED DUPLICATE of bug 696022

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal major (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2019-10-01 23:02 UTC by GLSAMaker/CVETool Bot
Modified:	2019-10-01 23:05 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description GLSAMaker/CVETool Bot gentoo-dev

2019-10-01 23:02:38 UTC

CVE-2019-13377 (https://nvd.nist.gov/vuln/detail/CVE-2019-13377):
  The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x
  through 2.8 are vulnerable to side-channel attacks as a result of observable
  timing differences and cache access patterns when Brainpool curves are used.
  An attacker may be able to gain leaked information from a side-channel
  attack that can be used for full password recovery.

CVE-2019-16275 (https://nvd.nist.gov/vuln/detail/CVE-2019-16275):
  hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect
  indication of disconnection in certain situations because source address
  validation is mishandled. This is a denial of service that should have been
  prevented by PMF (aka management frame protection). The attacker must send a
  crafted 802.11 frame from a location that is within the 802.11
  communications range.

Comment 1 Brian Evans (RETIRED) gentoo-dev

2019-10-01 23:05:31 UTC


*** This bug has been marked as a duplicate of bug 696022 ***