hostapd prior to 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
w1.fi hostapd |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |