cvelistv5 - cve-2019-9496

CVE-2019-9496 (GCVE-0-2019-9496)

Vulnerability from cvelistv5 – Published: 2019-04-17 13:31 – Updated: 2024-08-04 21:54

Summary

An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.

Severity ?

No CVSS data available.

CWE

CWE-642 - External Control of Critical State Data

Assigner

certcc

References

URL

Tags

	https://w1.fi/security/2019-3/	x_refsource_CONFIRM
	https://www.synology.com/security/advisory/Synolo…	x_refsource_CONFIRM
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://seclists.org/bugtraq/2019/May/40	mailing-listx_refsource_BUGTRAQ
	http://packetstormsecurity.com/files/152914/FreeB…	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Impacted products

Vendor

Product

Version

Wi-Fi Alliance

hostapd with SAE support

Affected: 2.7 , ≤ 2.7 (custom)

Wi-Fi Alliance

wpa_supplicant with SAE support

Affected: 2.7 , ≤ 2.7 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T21:54:44.155Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2019-3/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
          },
          {
            "name": "FEDORA-2019-d03bae77f5",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
          },
          {
            "name": "FEDORA-2019-f409af9fbe",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
          },
          {
            "name": "FEDORA-2019-eba1109acd",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
          },
          {
            "name": "FreeBSD-SA-19:03",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
          },
          {
            "name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/May/40"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
          },
          {
            "name": "openSUSE-SU-2020:0222",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "hostapd with SAE support",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "lessThanOrEqual": "2.7",
              "status": "affected",
              "version": "2.7",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "wpa_supplicant with SAE support",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "lessThanOrEqual": "2.7",
              "status": "affected",
              "version": "2.7",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-642",
              "description": "CWE-642 External Control of Critical State Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-16T00:06:10",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://w1.fi/security/2019-3/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
        },
        {
          "name": "FEDORA-2019-d03bae77f5",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
        },
        {
          "name": "FEDORA-2019-f409af9fbe",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
        },
        {
          "name": "FEDORA-2019-eba1109acd",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
        },
        {
          "name": "FreeBSD-SA-19:03",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
        },
        {
          "name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/May/40"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
        },
        {
          "name": "openSUSE-SU-2020:0222",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps",
      "x_generator": {
        "engine": "Vulnogram 0.0.6"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "Dragonblood",
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2019-9496",
          "STATE": "PUBLIC",
          "TITLE": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "hostapd with SAE support",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "2.7",
                            "version_value": "2.7"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "wpa_supplicant with SAE support",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "2.7",
                            "version_value": "2.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.6"
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-642 External Control of Critical State Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://w1.fi/security/2019-3/",
              "refsource": "CONFIRM",
              "url": "https://w1.fi/security/2019-3/"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
            },
            {
              "name": "FEDORA-2019-d03bae77f5",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
            },
            {
              "name": "FEDORA-2019-f409af9fbe",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
            },
            {
              "name": "FEDORA-2019-eba1109acd",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
            },
            {
              "name": "FreeBSD-SA-19:03",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
            },
            {
              "name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/May/40"
            },
            {
              "name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
            },
            {
              "name": "openSUSE-SU-2020:0222",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2019-9496",
    "datePublished": "2019-04-17T13:31:08",
    "dateReserved": "2019-03-01T00:00:00",
    "dateUpdated": "2024-08-04T21:54:44.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.7\", \"matchCriteriaId\": \"5133129D-DA6B-485D-9FE7-33C994FBAF05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.7\", \"matchCriteriaId\": \"46294B0E-0043-487D-AD8F-931DC05F0E78\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D100F7CE-FC64-4CC6-852A-6136D72DA419\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.\"}, {\"lang\": \"es\", \"value\": \"Una secuencia de autorizaci\\u00f3n no v\\u00e1lida puede conllevar a que el proceso de hostapd termine a causa de que faltan pasos de comprobaci\\u00f3n de estado al procesar el mensaje de confirmaci\\u00f3n SAE cuando est\\u00e1 en el modo hostapd/AP. Todas las versiones de hostapd con soporte SAE son vulnerables. Un atacante puede forzar la terminaci\\u00f3n del proceso de hostapd, realizando un ataque de Denegaci\\u00f3n de Servicio (DoS). Tanto hostapd con soporte SAE como wpa_supplicant con soporte SAE e incluyendo la versi\\u00f3n 2.7 est\\u00e1n afectados.\"}]",
      "id": "CVE-2019-9496",
      "lastModified": "2024-11-21T04:51:43.933",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-04-17T14:29:03.917",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html\", \"source\": \"cret@cert.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/\", \"source\": \"cret@cert.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/\", \"source\": \"cret@cert.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/\", \"source\": \"cret@cert.org\"}, {\"url\": \"https://seclists.org/bugtraq/2019/May/40\", \"source\": \"cret@cert.org\"}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc\", \"source\": \"cret@cert.org\"}, {\"url\": \"https://w1.fi/security/2019-3/\", \"source\": \"cret@cert.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_16\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://seclists.org/bugtraq/2019/May/40\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://w1.fi/security/2019-3/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.synology.com/security/advisory/Synology_SA_19_16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cret@cert.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cret@cert.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-642\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-9496\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2019-04-17T14:29:03.917\",\"lastModified\":\"2024-11-21T04:51:43.933\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.\"},{\"lang\":\"es\",\"value\":\"Una secuencia de autorizaci\u00f3n no v\u00e1lida puede conllevar a que el proceso de hostapd termine a causa de que faltan pasos de comprobaci\u00f3n de estado al procesar el mensaje de confirmaci\u00f3n SAE cuando est\u00e1 en el modo hostapd/AP. Todas las versiones de hostapd con soporte SAE son vulnerables. Un atacante puede forzar la terminaci\u00f3n del proceso de hostapd, realizando un ataque de Denegaci\u00f3n de Servicio (DoS). Tanto hostapd con soporte SAE como wpa_supplicant con soporte SAE e incluyendo la versi\u00f3n 2.7 est\u00e1n afectados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-642\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7\",\"matchCriteriaId\":\"5133129D-DA6B-485D-9FE7-33C994FBAF05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7\",\"matchCriteriaId\":\"46294B0E-0043-487D-AD8F-931DC05F0E78\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html\",\"source\":\"cret@cert.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/\",\"source\":\"cret@cert.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/\",\"source\":\"cret@cert.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/\",\"source\":\"cret@cert.org\"},{\"url\":\"https://seclists.org/bugtraq/2019/May/40\",\"source\":\"cret@cert.org\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc\",\"source\":\"cret@cert.org\"},{\"url\":\"https://w1.fi/security/2019-3/\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_16\",\"source\":\"cret@cert.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/May/40\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://w1.fi/security/2019-3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

OPENSUSE-SU-2020:0222-1

Vulnerability from csaf_opensuse - Published: 2020-02-15 19:10 - Updated: 2020-02-15 19:10

Summary

Security update for hostapd

Notes

Title of the patch

Security update for hostapd

Description of the patch

This update for hostapd fixes the following issues: hostapd was updated to version 2.9: * SAE changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * EAP-pwd changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/] * fixed FT-EAP initial mobility domain association using PMKSA caching * added configuration of airtime policy * fixed FILS to and RSNE into (Re)Association Response frames * fixed DPP bootstrapping URI parser of channel list * added support for regulatory WMM limitation (for ETSI) * added support for MACsec Key Agreement using IEEE 802.1X/PSK * added experimental support for EAP-TEAP server (RFC 7170) * added experimental support for EAP-TLS server with TLS v1.3 * added support for two server certificates/keys (RSA/ECC) * added AKMSuiteSelector into 'STA <addr>' control interface data to determine with AKM was used for an association * added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and fast reauthentication use to be disabled * fixed an ECDH operation corner case with OpenSSL Update to version 2.8 * SAE changes - added support for SAE Password Identifier - changed default configuration to enable only group 19 (i.e., disable groups 20, 21, 25, 26 from default configuration) and disable all unsuitable groups completely based on REVmd changes - improved anti-clogging token mechanism and SAE authentication frame processing during heavy CPU load; this mitigates some issues with potential DoS attacks trying to flood an AP with large number of SAE messages - added Finite Cyclic Group field in status code 77 responses - reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256) - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494) - fixed confirm message validation in error cases [https://w1.fi/security/2019-3/] (CVE-2019-9496) * EAP-pwd changes - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495) - verify peer scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9497 and CVE-2019-9498) - fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/] - enforce rand,mask generation rules more strictly - fix a memory leak in PWE derivation - disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27) * Hotspot 2.0 changes - added support for release number 3 - reject release 2 or newer association without PMF * added support for RSN operating channel validation (CONFIG_OCV=y and configuration parameter ocv=1) * added Multi-AP protocol support * added FTM responder configuration * fixed build with LibreSSL * added FT/RRB workaround for short Ethernet frame padding * fixed KEK2 derivation for FILS+FT * added RSSI-based association rejection from OCE * extended beacon reporting functionality * VLAN changes - allow local VLAN management with remote RADIUS authentication - add WPA/WPA2 passphrase/PSK -based VLAN assignment * OpenSSL: allow systemwide policies to be overridden * extended PEAP to derive EMSK to enable use with ERP/FILS * extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1) * fixed FT and SA Query Action frame with AP-MLME-in-driver cases * OWE: allow Diffie-Hellman Parameter element to be included with DPP in preparation for DPP protocol extension * RADIUS server: started to accept ERP keyName-NAI as user identity automatically without matching EAP database entry * fixed PTK rekeying with FILS and FT wpa_supplicant: * SAE changes - added support for SAE Password Identifier - changed default configuration to enable only groups 19, 20, 21 (i.e., disable groups 25 and 26) and disable all unsuitable groups completely based on REVmd changes - do not regenerate PWE unnecessarily when the AP uses the anti-clogging token mechanisms - fixed some association cases where both SAE and FT-SAE were enabled on both the station and the selected AP - started to prefer FT-SAE over SAE AKM if both are enabled - started to prefer FT-SAE over FT-PSK if both are enabled - fixed FT-SAE when SAE PMKSA caching is used - reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256) - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494) * EAP-pwd changes - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495) - verify server scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9499) - fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/] - enforce rand,mask generation rules more strictly - fix a memory leak in PWE derivation - disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27) * fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y * Hotspot 2.0 changes - do not indicate release number that is higher than the one AP supports - added support for release number 3 - enable PMF automatically for network profiles created from credentials * fixed OWE network profile saving * fixed DPP network profile saving * added support for RSN operating channel validation (CONFIG_OCV=y and network profile parameter ocv=1) * added Multi-AP backhaul STA support * fixed build with LibreSSL * number of MKA/MACsec fixes and extensions * extended domain_match and domain_suffix_match to allow list of values * fixed dNSName matching in domain_match and domain_suffix_match when using wolfSSL * started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both are enabled * extended nl80211 Connect and external authentication to support SAE, FT-SAE, FT-EAP-SHA384 * fixed KEK2 derivation for FILS+FT * extended client_cert file to allow loading of a chain of PEM encoded certificates * extended beacon reporting functionality * extended D-Bus interface with number of new properties * fixed a regression in FT-over-DS with mac80211-based drivers * OpenSSL: allow systemwide policies to be overridden * extended driver flags indication for separate 802.1X and PSK 4-way handshake offload capability * added support for random P2P Device/Interface Address use * extended PEAP to derive EMSK to enable use with ERP/FILS * extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1) * removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS) * extended domain_match and domain_suffix_match to allow list of values * added a RSN workaround for misbehaving PMF APs that advertise IGTK/BIP KeyID using incorrect byte order * fixed PTK rekeying with FILS and FT - Enabled CLI editing and history support. Update to version 2.7 * fixed WPA packet number reuse with replayed messages and key reinstallation [http://w1.fi/security/2017-1/] (CVE-2017-13082) (boo#1056061) * added support for FILS (IEEE 802.11ai) shared key authentication * added support for OWE (Opportunistic Wireless Encryption, RFC 8110; and transition mode defined by WFA) * added support for DPP (Wi-Fi Device Provisioning Protocol) * FT: - added local generation of PMK-R0/PMK-R1 for FT-PSK (ft_psk_generate_local=1) - replaced inter-AP protocol with a cleaner design that is more easily extensible; this breaks backward compatibility and requires all APs in the ESS to be updated at the same time to maintain FT functionality - added support for wildcard R0KH/R1KH - replaced r0_key_lifetime (minutes) parameter with ft_r0_key_lifetime (seconds) - fixed wpa_psk_file use for FT-PSK - fixed FT-SAE PMKID matching - added expiration to PMK-R0 and PMK-R1 cache - added IEEE VLAN support (including tagged VLANs) - added support for SHA384 based AKM * SAE - fixed some PMKSA caching cases with SAE - added support for configuring SAE password separately of the WPA2 PSK/passphrase - added option to require MFP for SAE associations (sae_require_pmf=1) - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection for SAE; note: this is not backwards compatible, i.e., both the AP and station side implementations will need to be update at the same time to maintain interoperability - added support for Password Identifier * hostapd_cli: added support for command history and completion * added support for requesting beacon report * large number of other fixes, cleanup, and extensions * added option to configure EAPOL-Key retry limits (wpa_group_update_count and wpa_pairwise_update_count) * removed all PeerKey functionality * fixed nl80211 AP mode configuration regression with Linux 4.15 and newer * added support for using wolfSSL cryptographic library * fixed some 20/40 MHz coexistence cases where the BSS could drop to 20 MHz even when 40 MHz would be allowed * Hotspot 2.0 - added support for setting Venue URL ANQP-element (venue_url) - added support for advertising Hotspot 2.0 operator icons - added support for Roaming Consortium Selection element - added support for Terms and Conditions - added support for OSEN connection in a shared RSN BSS * added support for using OpenSSL 1.1.1 * added EAP-pwd server support for salted passwords

Patchnames

openSUSE-2020-222

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for hostapd",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for hostapd fixes the following issues:\n\nhostapd was updated to version 2.9:\n\n* SAE changes\n  - disable use of groups using Brainpool curves\n  - improved protection against side channel attacks\n    [https://w1.fi/security/2019-6/]\n* EAP-pwd changes\n  - disable use of groups using Brainpool curves\n  - improved protection against side channel attacks\n  [https://w1.fi/security/2019-6/]\n* fixed FT-EAP initial mobility domain association using PMKSA caching\n* added configuration of airtime policy\n* fixed FILS to and RSNE into (Re)Association Response frames\n* fixed DPP bootstrapping URI parser of channel list\n* added support for regulatory WMM limitation (for ETSI)\n* added support for MACsec Key Agreement using IEEE 802.1X/PSK\n* added experimental support for EAP-TEAP server (RFC 7170)\n* added experimental support for EAP-TLS server with TLS v1.3\n* added support for two server certificates/keys (RSA/ECC)\n* added AKMSuiteSelector into \u0027STA \u003caddr\u003e\u0027 control interface data to\n  determine with AKM was used for an association\n* added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and\n  fast reauthentication use to be disabled\n* fixed an ECDH operation corner case with OpenSSL\n\nUpdate to version 2.8\n* SAE changes\n  - added support for SAE Password Identifier\n  - changed default configuration to enable only group 19\n    (i.e., disable groups 20, 21, 25, 26 from default configuration) and\n    disable all unsuitable groups completely based on REVmd changes\n  - improved anti-clogging token mechanism and SAE authentication\n    frame processing during heavy CPU load; this mitigates some issues\n    with potential DoS attacks trying to flood an AP with large number\n    of SAE messages\n  - added Finite Cyclic Group field in status code 77 responses\n  - reject use of unsuitable groups based on new implementation guidance\n    in REVmd (allow only FFC groups with prime \u003e= 3072 bits and ECC\n    groups with prime \u003e= 256)\n  - minimize timing and memory use differences in PWE derivation\n    [https://w1.fi/security/2019-1/] (CVE-2019-9494)\n  - fixed confirm message validation in error cases\n    [https://w1.fi/security/2019-3/] (CVE-2019-9496)\n* EAP-pwd changes\n  - minimize timing and memory use differences in PWE derivation\n    [https://w1.fi/security/2019-2/] (CVE-2019-9495)\n  - verify peer scalar/element\n    [https://w1.fi/security/2019-4/] (CVE-2019-9497 and CVE-2019-9498)\n  - fix message reassembly issue with unexpected fragment\n    [https://w1.fi/security/2019-5/]\n  - enforce rand,mask generation rules more strictly\n  - fix a memory leak in PWE derivation\n  - disallow ECC groups with a prime under 256 bits (groups 25, 26, and\n    27)\n* Hotspot 2.0 changes\n  - added support for release number 3\n  - reject release 2 or newer association without PMF\n* added support for RSN operating channel validation\n  (CONFIG_OCV=y and configuration parameter ocv=1)\n* added Multi-AP protocol support\n* added FTM responder configuration\n* fixed build with LibreSSL\n* added FT/RRB workaround for short Ethernet frame padding\n* fixed KEK2 derivation for FILS+FT\n* added RSSI-based association rejection from OCE\n* extended beacon reporting functionality\n* VLAN changes\n  - allow local VLAN management with remote RADIUS authentication\n  - add WPA/WPA2 passphrase/PSK -based VLAN assignment\n* OpenSSL: allow systemwide policies to be overridden\n* extended PEAP to derive EMSK to enable use with ERP/FILS\n* extended WPS to allow SAE configuration to be added automatically\n  for PSK (wps_cred_add_sae=1)\n* fixed FT and SA Query Action frame with AP-MLME-in-driver cases\n* OWE: allow Diffie-Hellman Parameter element to be included with DPP\n  in preparation for DPP protocol extension\n* RADIUS server: started to accept ERP keyName-NAI as user identity\n  automatically without matching EAP database entry\n* fixed PTK rekeying with FILS and FT\n\nwpa_supplicant:\n* SAE changes\n  - added support for SAE Password Identifier\n  - changed default configuration to enable only groups 19, 20, 21\n    (i.e., disable groups 25 and 26) and disable all unsuitable groups\n    completely based on REVmd changes\n  - do not regenerate PWE unnecessarily when the AP uses the\n    anti-clogging token mechanisms\n  - fixed some association cases where both SAE and FT-SAE were enabled\n    on both the station and the selected AP\n  - started to prefer FT-SAE over SAE AKM if both are enabled\n  - started to prefer FT-SAE over FT-PSK if both are enabled\n  - fixed FT-SAE when SAE PMKSA caching is used\n  - reject use of unsuitable groups based on new implementation guidance\n    in REVmd (allow only FFC groups with prime \u003e= 3072 bits and ECC\n    groups with prime \u003e= 256)\n  - minimize timing and memory use differences in PWE derivation\n    [https://w1.fi/security/2019-1/] (CVE-2019-9494)\n* EAP-pwd changes\n  - minimize timing and memory use differences in PWE derivation\n    [https://w1.fi/security/2019-2/] (CVE-2019-9495)\n  - verify server scalar/element\n    [https://w1.fi/security/2019-4/] (CVE-2019-9499)\n  - fix message reassembly issue with unexpected fragment\n    [https://w1.fi/security/2019-5/]\n  - enforce rand,mask generation rules more strictly\n  - fix a memory leak in PWE derivation\n  - disallow ECC groups with a prime under 256 bits (groups 25, 26, and\n    27)\n* fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y\n* Hotspot 2.0 changes\n  - do not indicate release number that is higher than the one\n    AP supports\n  - added support for release number 3\n  - enable PMF automatically for network profiles created from\n    credentials\n* fixed OWE network profile saving\n* fixed DPP network profile saving\n* added support for RSN operating channel validation\n  (CONFIG_OCV=y and network profile parameter ocv=1)\n* added Multi-AP backhaul STA support\n* fixed build with LibreSSL\n* number of MKA/MACsec fixes and extensions\n* extended domain_match and domain_suffix_match to allow list of values\n* fixed dNSName matching in domain_match and domain_suffix_match when\n  using wolfSSL\n* started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both\n  are enabled\n* extended nl80211 Connect and external authentication to support\n  SAE, FT-SAE, FT-EAP-SHA384\n* fixed KEK2 derivation for FILS+FT\n* extended client_cert file to allow loading of a chain of PEM\n  encoded certificates\n* extended beacon reporting functionality\n* extended D-Bus interface with number of new properties\n* fixed a regression in FT-over-DS with mac80211-based drivers\n* OpenSSL: allow systemwide policies to be overridden\n* extended driver flags indication for separate 802.1X and PSK\n  4-way handshake offload capability\n* added support for random P2P Device/Interface Address use\n* extended PEAP to derive EMSK to enable use with ERP/FILS\n* extended WPS to allow SAE configuration to be added automatically\n  for PSK (wps_cred_add_sae=1)\n* removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS)\n* extended domain_match and domain_suffix_match to allow list of values\n* added a RSN workaround for misbehaving PMF APs that advertise\n  IGTK/BIP KeyID using incorrect byte order\n* fixed PTK rekeying with FILS and FT\n\n- Enabled CLI editing and history support.\n\nUpdate to version 2.7\n\n* fixed WPA packet number reuse with replayed messages and key\n  reinstallation\n  [http://w1.fi/security/2017-1/] (CVE-2017-13082) (boo#1056061)\n* added support for FILS (IEEE 802.11ai) shared key authentication\n* added support for OWE (Opportunistic Wireless Encryption, RFC 8110;\n  and transition mode defined by WFA)\n* added support for DPP (Wi-Fi Device Provisioning Protocol)\n* FT:\n  - added local generation of PMK-R0/PMK-R1 for FT-PSK\n    (ft_psk_generate_local=1)\n  - replaced inter-AP protocol with a cleaner design that is more\n    easily extensible; this breaks backward compatibility and requires\n    all APs in the ESS to be updated at the same time to maintain FT\n    functionality\n  - added support for wildcard R0KH/R1KH\n  - replaced r0_key_lifetime (minutes) parameter with\n    ft_r0_key_lifetime (seconds)\n  - fixed wpa_psk_file use for FT-PSK\n  - fixed FT-SAE PMKID matching\n  - added expiration to PMK-R0 and PMK-R1 cache\n  - added IEEE VLAN support (including tagged VLANs)\n  - added support for SHA384 based AKM\n* SAE\n  - fixed some PMKSA caching cases with SAE\n  - added support for configuring SAE password separately of the\n    WPA2 PSK/passphrase\n  - added option to require MFP for SAE associations\n    (sae_require_pmf=1)\n  - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection\n    for SAE;\n    note: this is not backwards compatible, i.e., both the AP and\n    station side implementations will need to be update at the same\n    time to maintain interoperability\n  - added support for Password Identifier\n* hostapd_cli: added support for command history and completion\n* added support for requesting beacon report\n* large number of other fixes, cleanup, and extensions\n* added option to configure EAPOL-Key retry limits\n  (wpa_group_update_count and wpa_pairwise_update_count)\n* removed all PeerKey functionality\n* fixed nl80211 AP mode configuration regression with Linux 4.15 and\n  newer\n* added support for using wolfSSL cryptographic library\n* fixed some 20/40 MHz coexistence cases where the BSS could drop to\n  20 MHz even when 40 MHz would be allowed\n* Hotspot 2.0\n  - added support for setting Venue URL ANQP-element (venue_url)\n  - added support for advertising Hotspot 2.0 operator icons\n  - added support for Roaming Consortium Selection element\n  - added support for Terms and Conditions\n  - added support for OSEN connection in a shared RSN BSS\n* added support for using OpenSSL 1.1.1\n* added EAP-pwd server support for salted passwords\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2020-222",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0222-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2020:0222-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q7B4Y5BPIVXIPXUAQX744IATOJBYNYP6/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2020:0222-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q7B4Y5BPIVXIPXUAQX744IATOJBYNYP6/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1056061",
        "url": "https://bugzilla.suse.com/1056061"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-13082 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-13082/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9494 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9494/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9495 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9495/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9496 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9496/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9497 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9498 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9498/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9499 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9499/"
      }
    ],
    "title": "Security update for hostapd",
    "tracking": {
      "current_release_date": "2020-02-15T19:10:10Z",
      "generator": {
        "date": "2020-02-15T19:10:10Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2020:0222-1",
      "initial_release_date": "2020-02-15T19:10:10Z",
      "revision_history": [
        {
          "date": "2020-02-15T19:10:10Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "hostapd-2.9-bp151.5.3.1.aarch64",
                "product": {
                  "name": "hostapd-2.9-bp151.5.3.1.aarch64",
                  "product_id": "hostapd-2.9-bp151.5.3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "hostapd-2.9-bp151.5.3.1.ppc64le",
                "product": {
                  "name": "hostapd-2.9-bp151.5.3.1.ppc64le",
                  "product_id": "hostapd-2.9-bp151.5.3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "hostapd-2.9-bp151.5.3.1.s390x",
                "product": {
                  "name": "hostapd-2.9-bp151.5.3.1.s390x",
                  "product_id": "hostapd-2.9-bp151.5.3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "hostapd-2.9-bp151.5.3.1.x86_64",
                "product": {
                  "name": "hostapd-2.9-bp151.5.3.1.x86_64",
                  "product_id": "hostapd-2.9-bp151.5.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15",
                "product": {
                  "name": "SUSE Package Hub 15",
                  "product_id": "SUSE Package Hub 15"
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP1",
                "product": {
                  "name": "SUSE Package Hub 15 SP1",
                  "product_id": "SUSE Package Hub 15 SP1"
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.1",
                "product": {
                  "name": "openSUSE Leap 15.1",
                  "product_id": "openSUSE Leap 15.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.aarch64 as component of SUSE Package Hub 15",
          "product_id": "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.ppc64le as component of SUSE Package Hub 15",
          "product_id": "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.s390x as component of SUSE Package Hub 15",
          "product_id": "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.x86_64 as component of SUSE Package Hub 15",
          "product_id": "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.aarch64 as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.ppc64le as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.s390x as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.x86_64 as component of SUSE Package Hub 15 SP1",
          "product_id": "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.aarch64 as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.ppc64le as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.s390x as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-bp151.5.3.1.x86_64 as component of openSUSE Leap 15.1",
          "product_id": "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
        },
        "product_reference": "hostapd-2.9-bp151.5.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-13082",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-13082"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-13082",
          "url": "https://www.suse.com/security/cve/CVE-2017-13082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1056061 for CVE-2017-13082",
          "url": "https://bugzilla.suse.com/1056061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1063479 for CVE-2017-13082",
          "url": "https://bugzilla.suse.com/1063479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179588 for CVE-2017-13082",
          "url": "https://bugzilla.suse.com/1179588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-15T19:10:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-13082"
    },
    {
      "cve": "CVE-2019-9494",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9494"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9494",
          "url": "https://www.suse.com/security/cve/CVE-2019-9494"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131291 for CVE-2019-9494",
          "url": "https://bugzilla.suse.com/1131291"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131868 for CVE-2019-9494",
          "url": "https://bugzilla.suse.com/1131868"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194732 for CVE-2019-9494",
          "url": "https://bugzilla.suse.com/1194732"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-15T19:10:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9494"
    },
    {
      "cve": "CVE-2019-9495",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9495"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9495",
          "url": "https://www.suse.com/security/cve/CVE-2019-9495"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131291 for CVE-2019-9495",
          "url": "https://bugzilla.suse.com/1131291"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131870 for CVE-2019-9495",
          "url": "https://bugzilla.suse.com/1131870"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194733 for CVE-2019-9495",
          "url": "https://bugzilla.suse.com/1194733"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-15T19:10:10Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-9495"
    },
    {
      "cve": "CVE-2019-9496",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9496"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9496",
          "url": "https://www.suse.com/security/cve/CVE-2019-9496"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131869 for CVE-2019-9496",
          "url": "https://bugzilla.suse.com/1131869"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-15T19:10:10Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-9496"
    },
    {
      "cve": "CVE-2019-9497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9497",
          "url": "https://www.suse.com/security/cve/CVE-2019-9497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131871 for CVE-2019-9497",
          "url": "https://bugzilla.suse.com/1131871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131872 for CVE-2019-9497",
          "url": "https://bugzilla.suse.com/1131872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131874 for CVE-2019-9497",
          "url": "https://bugzilla.suse.com/1131874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-15T19:10:10Z",
          "details": "low"
        }
      ],
      "title": "CVE-2019-9497"
    },
    {
      "cve": "CVE-2019-9498",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9498"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9498",
          "url": "https://www.suse.com/security/cve/CVE-2019-9498"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131871 for CVE-2019-9498",
          "url": "https://bugzilla.suse.com/1131871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131872 for CVE-2019-9498",
          "url": "https://bugzilla.suse.com/1131872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131874 for CVE-2019-9498",
          "url": "https://bugzilla.suse.com/1131874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-15T19:10:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9498"
    },
    {
      "cve": "CVE-2019-9499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
          "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
          "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9499",
          "url": "https://www.suse.com/security/cve/CVE-2019-9499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131871 for CVE-2019-9499",
          "url": "https://bugzilla.suse.com/1131871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131872 for CVE-2019-9499",
          "url": "https://bugzilla.suse.com/1131872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131874 for CVE-2019-9499",
          "url": "https://bugzilla.suse.com/1131874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15 SP1:hostapd-2.9-bp151.5.3.1.x86_64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.aarch64",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.ppc64le",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.s390x",
            "SUSE Package Hub 15:hostapd-2.9-bp151.5.3.1.x86_64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.aarch64",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.ppc64le",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.s390x",
            "openSUSE Leap 15.1:hostapd-2.9-bp151.5.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-02-15T19:10:10Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9499"
    }
  ]
}

OPENSUSE-SU-2024:10846-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

hostapd-2.9-6.2 on GA media

Notes

Title of the patch

hostapd-2.9-6.2 on GA media

Description of the patch

These are all security issues fixed in the hostapd-2.9-6.2 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-10846

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "hostapd-2.9-6.2 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the hostapd-2.9-6.2 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10846",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10846-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-13078 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-13078/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-13082 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-13082/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-14526 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-14526/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-16275 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-16275/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9494 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9494/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9495 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9495/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9496 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9496/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9497 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9497/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-9499 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-9499/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-12695 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-12695/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-30004 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-30004/"
      }
    ],
    "title": "hostapd-2.9-6.2 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10846-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "hostapd-2.9-6.2.aarch64",
                "product": {
                  "name": "hostapd-2.9-6.2.aarch64",
                  "product_id": "hostapd-2.9-6.2.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "hostapd-2.9-6.2.ppc64le",
                "product": {
                  "name": "hostapd-2.9-6.2.ppc64le",
                  "product_id": "hostapd-2.9-6.2.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "hostapd-2.9-6.2.s390x",
                "product": {
                  "name": "hostapd-2.9-6.2.s390x",
                  "product_id": "hostapd-2.9-6.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "hostapd-2.9-6.2.x86_64",
                "product": {
                  "name": "hostapd-2.9-6.2.x86_64",
                  "product_id": "hostapd-2.9-6.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-6.2.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64"
        },
        "product_reference": "hostapd-2.9-6.2.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-6.2.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le"
        },
        "product_reference": "hostapd-2.9-6.2.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-6.2.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x"
        },
        "product_reference": "hostapd-2.9-6.2.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hostapd-2.9-6.2.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        },
        "product_reference": "hostapd-2.9-6.2.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-13078",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-13078"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-13078",
          "url": "https://www.suse.com/security/cve/CVE-2017-13078"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1056061 for CVE-2017-13078",
          "url": "https://bugzilla.suse.com/1056061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1063479 for CVE-2017-13078",
          "url": "https://bugzilla.suse.com/1063479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1063667 for CVE-2017-13078",
          "url": "https://bugzilla.suse.com/1063667"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179588 for CVE-2017-13078",
          "url": "https://bugzilla.suse.com/1179588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-13078"
    },
    {
      "cve": "CVE-2017-13082",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-13082"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-13082",
          "url": "https://www.suse.com/security/cve/CVE-2017-13082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1056061 for CVE-2017-13082",
          "url": "https://bugzilla.suse.com/1056061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1063479 for CVE-2017-13082",
          "url": "https://bugzilla.suse.com/1063479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179588 for CVE-2017-13082",
          "url": "https://bugzilla.suse.com/1179588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-13082"
    },
    {
      "cve": "CVE-2018-14526",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-14526"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-14526",
          "url": "https://www.suse.com/security/cve/CVE-2018-14526"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1104205 for CVE-2018-14526",
          "url": "https://bugzilla.suse.com/1104205"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-14526"
    },
    {
      "cve": "CVE-2019-16275",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-16275"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-16275",
          "url": "https://www.suse.com/security/cve/CVE-2019-16275"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1150934 for CVE-2019-16275",
          "url": "https://bugzilla.suse.com/1150934"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-16275"
    },
    {
      "cve": "CVE-2019-9494",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9494"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9494",
          "url": "https://www.suse.com/security/cve/CVE-2019-9494"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131291 for CVE-2019-9494",
          "url": "https://bugzilla.suse.com/1131291"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131868 for CVE-2019-9494",
          "url": "https://bugzilla.suse.com/1131868"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194732 for CVE-2019-9494",
          "url": "https://bugzilla.suse.com/1194732"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9494"
    },
    {
      "cve": "CVE-2019-9495",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9495"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9495",
          "url": "https://www.suse.com/security/cve/CVE-2019-9495"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131291 for CVE-2019-9495",
          "url": "https://bugzilla.suse.com/1131291"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131870 for CVE-2019-9495",
          "url": "https://bugzilla.suse.com/1131870"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1194733 for CVE-2019-9495",
          "url": "https://bugzilla.suse.com/1194733"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-9495"
    },
    {
      "cve": "CVE-2019-9496",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9496"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9496",
          "url": "https://www.suse.com/security/cve/CVE-2019-9496"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131869 for CVE-2019-9496",
          "url": "https://bugzilla.suse.com/1131869"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-9496"
    },
    {
      "cve": "CVE-2019-9497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9497",
          "url": "https://www.suse.com/security/cve/CVE-2019-9497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131871 for CVE-2019-9497",
          "url": "https://bugzilla.suse.com/1131871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131872 for CVE-2019-9497",
          "url": "https://bugzilla.suse.com/1131872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131874 for CVE-2019-9497",
          "url": "https://bugzilla.suse.com/1131874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "low"
        }
      ],
      "title": "CVE-2019-9497"
    },
    {
      "cve": "CVE-2019-9499",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-9499"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-9499",
          "url": "https://www.suse.com/security/cve/CVE-2019-9499"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131871 for CVE-2019-9499",
          "url": "https://bugzilla.suse.com/1131871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131872 for CVE-2019-9499",
          "url": "https://bugzilla.suse.com/1131872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1131874 for CVE-2019-9499",
          "url": "https://bugzilla.suse.com/1131874"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-9499"
    },
    {
      "cve": "CVE-2020-12695",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-12695"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-12695",
          "url": "https://www.suse.com/security/cve/CVE-2020-12695"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1172700 for CVE-2020-12695",
          "url": "https://bugzilla.suse.com/1172700"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179447 for CVE-2020-12695",
          "url": "https://bugzilla.suse.com/1179447"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-12695"
    },
    {
      "cve": "CVE-2021-30004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-30004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
          "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-30004",
          "url": "https://www.suse.com/security/cve/CVE-2021-30004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1184348 for CVE-2021-30004",
          "url": "https://bugzilla.suse.com/1184348"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:hostapd-2.9-6.2.aarch64",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.ppc64le",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.s390x",
            "openSUSE Tumbleweed:hostapd-2.9-6.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-30004"
    }
  ]
}

CERTFR-2020-AVI-004

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Fortinet	FortiOS	FortiOS versions antérieures à 6.2.3
Fortinet	N/A	Meru AP versions antérieures à 8.5.1
Fortinet	N/A	FortiAP-S/W2 versions antérieures à 6.2.2
Fortinet	N/A	Meru Controller versions antérieures à 8.5.1

References

Title

Publication Time

Tags

Bulletin de sécurité Fortinet FG-IR-19-107 du 03 janvier 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FortiOS versions ant\u00e9rieures \u00e0 6.2.3",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "Meru AP versions ant\u00e9rieures \u00e0 8.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiAP-S/W2 versions ant\u00e9rieures \u00e0 6.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "Meru Controller versions ant\u00e9rieures \u00e0 8.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-9494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9494"
    },
    {
      "name": "CVE-2019-9495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9495"
    },
    {
      "name": "CVE-2019-9498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9498"
    },
    {
      "name": "CVE-2019-9497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9497"
    },
    {
      "name": "CVE-2019-9499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9499"
    },
    {
      "name": "CVE-2019-9496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9496"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-004",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de\nservice \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-19-107 du 03 janvier 2020",
      "url": "https://fortiguard.com/psirt/FG-IR-19-107"
    }
  ]
}

CERTFR-2020-AVI-004

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Fortinet	FortiOS	FortiOS versions antérieures à 6.2.3
Fortinet	N/A	Meru AP versions antérieures à 8.5.1
Fortinet	N/A	FortiAP-S/W2 versions antérieures à 6.2.2
Fortinet	N/A	Meru Controller versions antérieures à 8.5.1

References

Title

Publication Time

Tags

Bulletin de sécurité Fortinet FG-IR-19-107 du 03 janvier 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "FortiOS versions ant\u00e9rieures \u00e0 6.2.3",
      "product": {
        "name": "FortiOS",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "Meru AP versions ant\u00e9rieures \u00e0 8.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "FortiAP-S/W2 versions ant\u00e9rieures \u00e0 6.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    },
    {
      "description": "Meru Controller versions ant\u00e9rieures \u00e0 8.5.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Fortinet",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-9494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9494"
    },
    {
      "name": "CVE-2019-9495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9495"
    },
    {
      "name": "CVE-2019-9498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9498"
    },
    {
      "name": "CVE-2019-9497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9497"
    },
    {
      "name": "CVE-2019-9499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9499"
    },
    {
      "name": "CVE-2019-9496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9496"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-004",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de\nservice \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-19-107 du 03 janvier 2020",
      "url": "https://fortiguard.com/psirt/FG-IR-19-107"
    }
  ]
}

GSD-2019-9496

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-9496

Aliases

CVE-2019-9496

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-9496",
    "description": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.",
    "id": "GSD-2019-9496",
    "references": [
      "https://www.suse.com/security/cve/CVE-2019-9496.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-9496"
      ],
      "details": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.",
      "id": "GSD-2019-9496",
      "modified": "2023-12-13T01:23:47.479065Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "AKA": "Dragonblood",
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2019-9496",
        "STATE": "PUBLIC",
        "TITLE": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "hostapd with SAE support",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "2.7",
                          "version_value": "2.7"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "wpa_supplicant with SAE support",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "2.7",
                          "version_value": "2.7"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Wi-Fi Alliance"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.6"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-642 External Control of Critical State Data"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://w1.fi/security/2019-3/",
            "refsource": "CONFIRM",
            "url": "https://w1.fi/security/2019-3/"
          },
          {
            "name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
            "refsource": "CONFIRM",
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
          },
          {
            "name": "FEDORA-2019-d03bae77f5",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
          },
          {
            "name": "FEDORA-2019-f409af9fbe",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
          },
          {
            "name": "FEDORA-2019-eba1109acd",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
          },
          {
            "name": "FreeBSD-SA-19:03",
            "refsource": "FREEBSD",
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
          },
          {
            "name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
            "refsource": "BUGTRAQ",
            "url": "https://seclists.org/bugtraq/2019/May/40"
          },
          {
            "name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
          },
          {
            "name": "openSUSE-SU-2020:0222",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.7",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.7",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2019-9496"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://w1.fi/security/2019-3/",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://w1.fi/security/2019-3/"
            },
            {
              "name": "FEDORA-2019-f409af9fbe",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
            },
            {
              "name": "FEDORA-2019-d03bae77f5",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
            },
            {
              "name": "FEDORA-2019-eba1109acd",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
            },
            {
              "name": "FreeBSD-SA-19:03",
              "refsource": "FREEBSD",
              "tags": [],
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
            },
            {
              "name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "https://seclists.org/bugtraq/2019/May/40"
            },
            {
              "name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
            },
            {
              "name": "openSUSE-SU-2020:0222",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-05-15T22:29Z",
      "publishedDate": "2019-04-17T14:29Z"
    }
  }
}

FKIE_CVE-2019-9496

Vulnerability from fkie_nvd - Published: 2019-04-17 14:29 - Updated: 2024-11-21 04:51

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cret@cert.org	http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html
cret@cert.org	http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html
cret@cert.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/
cret@cert.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/
cret@cert.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/
cret@cert.org	https://seclists.org/bugtraq/2019/May/40
cret@cert.org	https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc
cret@cert.org	https://w1.fi/security/2019-3/	Patch, Vendor Advisory
cret@cert.org	https://www.synology.com/security/advisory/Synology_SA_19_16
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/
af854a3a-2127-422b-91ae-364da2661108	https://seclists.org/bugtraq/2019/May/40
af854a3a-2127-422b-91ae-364da2661108	https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc
af854a3a-2127-422b-91ae-364da2661108	https://w1.fi/security/2019-3/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.synology.com/security/advisory/Synology_SA_19_16

Impacted products

Vendor	Product	Version
w1.fi	hostapd	*
w1.fi	wpa_supplicant	*
fedoraproject	fedora	28
fedoraproject	fedora	29
fedoraproject	fedora	30

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5133129D-DA6B-485D-9FE7-33C994FBAF05",
              "versionEndIncluding": "2.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "46294B0E-0043-487D-AD8F-931DC05F0E78",
              "versionEndIncluding": "2.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
              "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
    },
    {
      "lang": "es",
      "value": "Una secuencia de autorizaci\u00f3n no v\u00e1lida puede conllevar a que el proceso de hostapd termine a causa de que faltan pasos de comprobaci\u00f3n de estado al procesar el mensaje de confirmaci\u00f3n SAE cuando est\u00e1 en el modo hostapd/AP. Todas las versiones de hostapd con soporte SAE son vulnerables. Un atacante puede forzar la terminaci\u00f3n del proceso de hostapd, realizando un ataque de Denegaci\u00f3n de Servicio (DoS). Tanto hostapd con soporte SAE como wpa_supplicant con soporte SAE e incluyendo la versi\u00f3n 2.7 est\u00e1n afectados."
    }
  ],
  "id": "CVE-2019-9496",
  "lastModified": "2024-11-21T04:51:43.933",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-17T14:29:03.917",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
    },
    {
      "source": "cret@cert.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
    },
    {
      "source": "cret@cert.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
    },
    {
      "source": "cret@cert.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
    },
    {
      "source": "cret@cert.org",
      "url": "https://seclists.org/bugtraq/2019/May/40"
    },
    {
      "source": "cret@cert.org",
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://w1.fi/security/2019-3/"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://seclists.org/bugtraq/2019/May/40"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://w1.fi/security/2019-3/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-642"
        }
      ],
      "source": "cret@cert.org",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-CVWC-47MG-VX9R

Vulnerability from github – Published: 2022-05-14 01:01 – Updated: 2022-05-14 01:01

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-9496"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-17T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.",
  "id": "GHSA-cvwc-47mg-vx9r",
  "modified": "2022-05-14T01:01:39Z",
  "published": "2022-05-14T01:01:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9496"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/May/40"
    },
    {
      "type": "WEB",
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
    },
    {
      "type": "WEB",
      "url": "https://w1.fi/security/2019-3"
    },
    {
      "type": "WEB",
      "url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-9496 (GCVE-0-2019-9496)

OPENSUSE-SU-2020:0222-1

OPENSUSE-SU-2024:10846-1

CERTFR-2020-AVI-004

Solution

CERTFR-2020-AVI-004

Solution

GSD-2019-9496

FKIE_CVE-2019-9496

GHSA-CVWC-47MG-VX9R

Tags

Sightings

Nomenclature