AVG-11

Package wpa_supplicant
Status Fixed
Severity High
Type multiple issues
Affected 1:2.5-3
Fixed 1:2.6-1
Current 1:2.6-11 [core]
Ticket FS#49196
Created Sun Sep 18 15:54:53 2016
Issue Severity Remote Type Description
CVE-2016-4477 High No Privilege escalation
The local configuration update through the control interface SET_NETWORK command could allow privilege escalation for the local user to run code from a...
CVE-2016-4476 Low Yes Denial of service
A vulnerability was found in how hostapd and wpa_supplicant writes the configuration file update for the WPA/WPA2 passphrase parameter. If this parameter...
Date Advisory Package Description
08 Oct 2016 ASA-201610-7 wpa_supplicant multiple issues
References
http://www.openwall.com/lists/oss-security/2016/05/03/2
Notes
https://w1.fi/security/2016-1/psk-parameter-config-update.txt