Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

41 – 50 of 57 results


CVE-2015-5316

Medium priority
Fixed

The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service (NULL pointer...

2 affected packages

wpa, wpasupplicant

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
wpa
wpasupplicant
Show less packages

CVE-2015-5315

Medium priority
Fixed

The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile,...

2 affected packages

wpa, wpasupplicant

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
wpa
wpasupplicant
Show less packages

CVE-2015-5314

Medium priority
Fixed

The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS...

2 affected packages

hostapd, wpa

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hostapd
wpa
Show less packages

CVE-2015-5310

Medium priority
Fixed

The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote attackers to inject arbitrary broadcast...

2 affected packages

wpa, wpasupplicant

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
wpa
wpasupplicant
Show less packages

CVE-2015-8041

Low priority

Some fixes available 1 of 2

Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value...

3 affected packages

hostapd, wpa, wpasupplicant

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hostapd Not in release
wpa Fixed
wpasupplicant Not in release
Show less packages

CVE-2015-4146

Medium priority
Fixed

The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial...

3 affected packages

hostapd, wpa, wpasupplicant

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hostapd
wpa
wpasupplicant
Show less packages

CVE-2015-4145

Medium priority
Fixed

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a...

3 affected packages

hostapd, wpa, wpasupplicant

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hostapd
wpa
wpasupplicant
Show less packages

CVE-2015-4144

Medium priority
Fixed

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service...

3 affected packages

hostapd, wpa, wpasupplicant

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hostapd
wpa
wpasupplicant
Show less packages

CVE-2015-4143

Medium priority
Fixed

The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.

3 affected packages

hostapd, wpa, wpasupplicant

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hostapd
wpa
wpasupplicant
Show less packages

CVE-2015-4142

Medium priority

Some fixes available 8 of 9

Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a...

3 affected packages

hostapd, wpa, wpasupplicant

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hostapd Not in release
wpa Fixed
wpasupplicant Not in release
Show less packages