CVE-2015-4143

Published: 15/06/2015 Updated: 30/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 up to and including 2.4 allows remote malicious users to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.

Vulnerable Product

w1.fi wpa supplicant 1.0

w1.fi wpa supplicant 2.0

w1.fi wpa supplicant 2.1

w1.fi wpa supplicant 2.2

w1.fi wpa supplicant 1.1

w1.fi wpa supplicant 2.3

w1.fi wpa supplicant 2.4

w1.fi hostapd 1.0

w1.fi hostapd 2.0

w1.fi hostapd 2.1

w1.fi hostapd 2.2

w1.fi hostapd 1.1

w1.fi hostapd 2.3

w1.fi hostapd 2.4

opensuse opensuse 13.2

opensuse opensuse 13.1

Vendor Advisories

wpa_supplicant and hostapd could be made to crash if they received specially crafted network traffic ...
Debian Bug report logs - #787371 wpa: CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146: EAP-pwd missing payload length validation Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packages.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sun, 31 May 2015 2 ...
Debian Bug report logs - #787372 wpa: CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packages.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sun, 31 May 2015 20:42:02 UTC Severity: im ...
Debian Bug report logs - #795740 wpa: CVE-2015-8041: Incomplete WPS and P2P NFC NDEF record payload length validation Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packages.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sun, 16 Aug 2015 14:45:02 UTC Severi ...
Debian Bug report logs - #787373 wpa: CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packages.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sun, 31 May 2015 20:42:06 UTC Severity: impo ...
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload ...