Published: 06/01/2016 Updated: 22/02/2018

CVSS v2 Base Score: 3.3 | Impact Score: 2.9 | Exploitability Score: 6.5

CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 294

Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N

The WNM Sleep Mode code in wpa_supplicant 2.x prior to 2.6 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote malicious users to inject arbitrary broadcast or multicast packets or cause a denial of service (ignored packets) via a WNM Sleep Mode response.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 6.0.1
google android 6.0
google android 4.4.4
google android 5.0
google android 5.1.1

Several security issues were fixed in wpa_supplicant and hostapd ...

Debian Bug report logs - #804707 wpa: CVE-2015-5310: wpa_supplicant unauthorized WNM Sleep Mode GTK control Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 10 Nov 2015 19:00:02 UTC Severity: seriou ...

Debian Bug report logs - #787371 wpa: CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146: EAP-pwd missing payload length validation Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 31 May 2015 2 ...

Debian Bug report logs - #787372 wpa: CVE-2015-4141: WPS UPnP vulnerability with HTTP chunked transfer encoding Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 31 May 2015 20:42:02 UTC Severity: im ...

Debian Bug report logs - #795740 wpa: CVE-2015-8041: Incomplete WPS and P2P NFC NDEF record payload length validation Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 16 Aug 2015 14:45:02 UTC Severi ...

Debian Bug report logs - #804708 wpa: CVE-2015-5314 CVE-2015-5315: EAP-pwd missing last fragment length validation Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 10 Nov 2015 19:00:06 UTC Severity: ...

Debian Bug report logs - #787373 wpa: CVE-2015-4142: Integer underflow in AP mode WMM Action frame processing Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 31 May 2015 20:42:06 UTC Severity: impo ...

Debian Bug report logs - #804710 wpa: CVE-2015-5316: EAP-pwd peer error path failure on unexpected Confirm message Package: src:wpa; Maintainer for src:wpa is Debian wpasupplicant Maintainers <wpa@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 10 Nov 2015 19:00:15 UTC Severity: ...

The WNM Sleep Mode code in wpa_supplicant 2x before 26 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service (ignored packets) via a WNM Sleep Mode response ...

CWE-200 http://source.android.com/security/bulletin/2016-01-01.html http://www.securityfocus.com/bid/77541 http://www.securitytracker.com/id/1034592 http://www.debian.org/security/2015/dsa-3397 http://www.ubuntu.com/usn/USN-2808-1 http://www.openwall.com/lists/oss-security/2015/11/10/9 http://w1.fi/security/2015-6/wpa_supplicant-unauthorized-wnm-sleep-mode-gtk-control.txt https://usn.ubuntu.com/2808-1/https://nvd.nist.gov

Get Started

CVE-2015-5310

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect