wpa_supplicant 0.4.0 through 2.5 does not reject n and r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Android | 4.4.4 (including) | 4.4.4 (including) | |
Android | 5.0.2 (including) | 5.0.2 (including) | |
Android | 5.1.1 (including) | 5.1.1 (including) | |
Android | 6.0 (including) | 6.0 (including) | |
Android | 6.0.1 (including) | 6.0.1 (including) | |
Hostapd | Ubuntu | precise | * |
Wpa | Ubuntu | artful | * |
Wpa | Ubuntu | bionic | * |
Wpa | Ubuntu | cosmic | * |
Wpa | Ubuntu | devel | * |
Wpa | Ubuntu | disco | * |
Wpa | Ubuntu | eoan | * |
Wpa | Ubuntu | focal | * |
Wpa | Ubuntu | groovy | * |
Wpa | Ubuntu | hirsute | * |
Wpa | Ubuntu | trusty | * |
Wpa | Ubuntu | vivid/stable-phone-overlay | * |
Wpa | Ubuntu | vivid/ubuntu-core | * |
Wpa | Ubuntu | wily | * |
Wpa | Ubuntu | xenial | * |
Wpa | Ubuntu | yakkety | * |
Wpa | Ubuntu | zesty | * |
Wpasupplicant | Ubuntu | precise | * |
Wpasupplicant | Ubuntu | precise/esm | * |