wpa_supplicant 0.4.0 through 2.5 does not reject n and r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Android | 5.0.2 | 5.0.2 | |
Android | 6.0.1 | 6.0.1 | |
Android | 6.0 | 6.0 | |
Android | 4.4.4 | 4.4.4 | |
Android | 5.1.1 | 5.1.1 |