A buffer overflow flaw was found in the way wpa_supplicant handled SSID information in the Wi-Fi Direct / P2P management frames. A specially crafted frame could allow an attacker within Wi-Fi radio range to cause wpa_supplicant to crash or, possibly, execute arbitrary code.
Find out more about CVE-2015-1863 from the MITRE CVE dictionary dictionary and NIST NVD.
This issue did not affect the wpa_supplicant versions as shipped with Red Hat Enterprise Linux 5 and 6.
Base Score | 6.8 |
---|---|
Base Metrics | AV:A/AC:H/Au:N/C:C/I:C/A:C |
Access Vector | Adjacent Network |
Access Complexity | High |
Authentication | None |
Confidentiality Impact | Complete |
Integrity Impact | Complete |
Availability Impact | Complete |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Platform | Errata | Release Date |
---|---|---|
Red Hat Enterprise Linux 7 (wpa_supplicant) | RHSA-2015:1090 | 2015-06-11 |
Platform | Package | State |
---|---|---|
Red Hat Enterprise Linux 6 | wpa_supplicant | Affected |
Red Hat Enterprise Linux 5 | wpa_supplicant | Affected |