2019-04-27 00:29:00 2019-06-07 05:29:00

The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
W1.fi Wpa supplicant 2.7 (not an official CPE) W1.fi Wpa supplicant 2.6 (not an official CPE) W1.fi Wpa supplicant 2.5 (not an official CPE) w1.fi WPA Supplicant 2.4 w1.fi WPA Supplicant 2.3 w1.fi WPA Supplicant 2.2 w1.fi WPA Supplicant 2.1 w1.fi WPA Supplicant 2.0 w1.fi WPA Supplicant 1.1 W1.fi Wpa supplicant 1.0 (not an official CPE) w1.fi WPA Supplicant 0.72 w1.fi WPA Supplicant 0.7.3 w1.fi WPA Supplicant 0.7.2 w1.fi WPA Supplicant 0.7.1 w1.fi WPA Supplicant 0.7.0 W1.fi Wpa supplicant 0.6.10 (not an official CPE) W1.fi Wpa supplicant 0.6.9 (not an official CPE) W1.fi Wpa supplicant 0.6.8 (not an official CPE) W1.fi Wpa supplicant 0.6.7 (not an official CPE) W1.fi Wpa supplicant 0.6.6 (not an official CPE) W1.fi Wpa supplicant 0.6.5 (not an official CPE) W1.fi Wpa supplicant 0.6.4 (not an official CPE) W1.fi Wpa supplicant 0.6.3 (not an official CPE) W1.fi Wpa supplicant 0.6.2 (not an official CPE) W1.fi Wpa supplicant 0.6.1 (not an official CPE) W1.fi Wpa supplicant 0.6.0 (not an official CPE) W1.fi Wpa supplicant 0.5.11 (not an official CPE) W1.fi Wpa supplicant 0.5.10 (not an official CPE) W1.fi Wpa supplicant 0.5.9 (not an official CPE) W1.fi Wpa supplicant 0.5.8 (not an official CPE) W1.fi Wpa supplicant 0.5.7 (not an official CPE) W1.fi Wpa supplicant 0.5.6 (not an official CPE) W1.fi Wpa supplicant 0.5.5 (not an official CPE) W1.fi Wpa supplicant 0.5.4 (not an official CPE) W1.fi Wpa supplicant 0.5.3 (not an official CPE) W1.fi Wpa supplicant 0.5.2 (not an official CPE) W1.fi Wpa supplicant 0.5.1 (not an official CPE) W1.fi Wpa supplicant 0.5.0 (not an official CPE) W1.fi Wpa supplicant 0.4.11 (not an official CPE) W1.fi Wpa supplicant 0.4.10 (not an official CPE) W1.fi Wpa supplicant 0.4.9 (not an official CPE) W1.fi Wpa supplicant 0.4.8 (not an official CPE) W1.fi Wpa supplicant 0.4.7 (not an official CPE) W1.fi Wpa supplicant 0.4.6 (not an official CPE) W1.fi Wpa supplicant 0.4.5 (not an official CPE) W1.fi Wpa supplicant 0.4.4 (not an official CPE) W1.fi Wpa supplicant 0.4.3 (not an official CPE) W1.fi Wpa supplicant 0.4.2 (not an official CPE) W1.fi Wpa supplicant 0.4.1 (not an official CPE) W1.fi Wpa supplicant 0.4.0 (not an official CPE) W1.fi Wpa supplicant 0.3.11 (not an official CPE) W1.fi Wpa supplicant 0.3.10 (not an official CPE) W1.fi Wpa supplicant 0.3.9 (not an official CPE) W1.fi Wpa supplicant 0.3.8 (not an official CPE) W1.fi Wpa supplicant 0.3.7 (not an official CPE) W1.fi Wpa supplicant 0.3.6 (not an official CPE) W1.fi Wpa supplicant 0.3.5 (not an official CPE) w1.fi Hostapd 0.7.0 w1.fi Hostapd 0.7.1 w1.fi Hostapd 0.7.2 w1.fi Hostapd 0.7.3 w1.fi Hostapd 1.1 w1.fi Hostapd 2.0 w1.fi Hostapd 2.1 w1.fi Hostapd 2.2 W1.fi Hostapd 2.3 (not an official CPE) W1.fi Hostapd 2.4 (not an official CPE) W1.fi Hostapd 2.5 (not an official CPE) W1.fi Hostapd 2.6 (not an official CPE) W1.fi Hostapd 2.7 (not an official CPE) W1.fi Wpa supplicant 0.2.0 (not an official CPE) W1.fi Wpa supplicant 0.2.1 (not an official CPE) W1.fi Wpa supplicant 0.2.2 (not an official CPE) W1.fi Wpa supplicant 0.2.3 (not an official CPE) W1.fi Wpa supplicant 0.2.3 Pre1 (not an official CPE) W1.fi Wpa supplicant 0.2.4 (not an official CPE) W1.fi Wpa supplicant 0.2.5 (not an official CPE) W1.fi Wpa supplicant 0.2.6 (not an official CPE) W1.fi Wpa supplicant 0.2.7 (not an official CPE) W1.fi Wpa supplicant 0.2.8 (not an official CPE) W1.fi Wpa supplicant 0.3.0 (not an official CPE) W1.fi Wpa supplicant 0.3.0 Pre4 (not an official CPE) W1.fi Wpa supplicant 0.3.1 (not an official CPE) W1.fi Wpa supplicant 0.3.2 (not an official CPE) W1.fi Wpa supplicant 0.3.3 (not an official CPE) W1.fi Wpa supplicant 0.3.4 (not an official CPE) w1.fi Hostapd 0.6.7 w1.fi Hostapd 0.6.6 w1.fi Hostapd 0.6.5 w1.fi Hostapd 0.6.4 w1.fi Hostapd 0.6.3 w1.fi Hostapd 0.6.2 w1.fi Hostapd 0.6.1 w1.fi Hostapd 0.6.0 w1.fi Hostapd 0.5.6 w1.fi Hostapd 0.5.5 w1.fi Hostapd 0.5.4 w1.fi Hostapd 0.5.3 w1.fi Hostapd 0.5.2 w1.fi Hostapd 0.5.1 w1.fi Hostapd 0.5.0 w1.fi Hostapd 0.4.7 w1.fi Hostapd 0.4.6 w1.fi Hostapd 0.4.5 w1.fi Hostapd 0.4.4 w1.fi Hostapd 0.4.3 w1.fi Hostapd 0.4.2 w1.fi Hostapd 0.4.1 w1.fi Hostapd 0.4.0 w1.fi Hostapd 0.3.4 w1.fi Hostapd 0.3.7 w1.fi Hostapd 0.3.5 w1.fi Hostapd 0.3.3 w1.fi Hostapd 0.3.2 w1.fi Hostapd 0.3.1 w1.fi Hostapd 0.3.0 w1.fi Hostapd 0.2.4 w1.fi Hostapd 0.2.2 w1.fi Hostapd 0.2.1 w1.fi Hostapd 0.2.0