CVE Vulnerabilities

CVE-2016-4477

Published: May 09, 2016 | Modified: Oct 23, 2017
CVSS 3.x: 7.8 HIGH (Source: NVD) CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x: 4.4 MEDIUM AV:L/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2: 4.4 MODERATE AV:L/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3: 7 MODERATE CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Ubuntu: LOW

wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.

Affected Software

Name Vendor Start Version End Version
Android Google 4.4.4 (including) 4.4.4 (including)
Android Google 5.0.2 (including) 5.0.2 (including)
Android Google 5.1.1 (including) 5.1.1 (including)
Android Google 6.0 (including) 6.0 (including)
Android Google 6.0.1 (including) 6.0.1 (including)
Hostapd Ubuntu precise *
Wpa Ubuntu artful *
Wpa Ubuntu bionic *
Wpa Ubuntu cosmic *
Wpa Ubuntu devel *
Wpa Ubuntu disco *
Wpa Ubuntu eoan *
Wpa Ubuntu focal *
Wpa Ubuntu groovy *
Wpa Ubuntu hirsute *
Wpa Ubuntu trusty *
Wpa Ubuntu vivid/stable-phone-overlay *
Wpa Ubuntu vivid/ubuntu-core *
Wpa Ubuntu wily *
Wpa Ubuntu xenial *
Wpa Ubuntu yakkety *
Wpa Ubuntu zesty *
Wpasupplicant Ubuntu precise *
Wpasupplicant Ubuntu precise/esm *
