QwikSec

Security Database

CVE

CWE

Training

CVE-2015-4142

Published: Jun 15, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd

mailing-list

x_refsource_MLIST

FEDORA-2015-cfea96144a

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

FEDORA-2015-6f16b5e39e

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_SECTRACK

http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt

x_refsource_CONFIRM

[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - Integer underflow in AP mode WMM Action frame processing

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_GENTOO

vendor-advisory

x_refsource_UBUNTU

FEDORA-2015-1521e91178

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2015:1030

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

https://support.apple.com/kb/HT213258

x_refsource_CONFIRM

20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5

mailing-list

x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.