The EAP-pwd implementation in hostapd (EAP server) before 2.8 and
wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation
reassembly state properly for a case where an unexpected fragment could be
received. This could result in process termination due to a NULL pointer
dereference (denial of service). This affects eap_server/eap_server_pwd.c
@maintainer, please drop vulnerable.
(In reply to Aaron Bauman from comment #1)
> @maintainer, please drop vulnerable.
Nevermind, this still needs to be stabilized.
ACK, let's stabilize wpa_supplicant-2.8-r1
This issue was resolved and addressed in
GLSA 201908-25 at https://security.gentoo.org/glsa/201908-25
by GLSA coordinator Aaron Bauman (b-man).
re-opened for final arches
vulnerables have been long dropped, sorry for forgetting to post that status here.
This is security's bug now
Repository is clean, all done!