QwikSec

Security Database

CVE

CWE

Training

CVE-2015-5314

Published: Feb 21, 2018

Modified: Aug 6, 2024

PUBLISHED

Description

The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

http://w1.fi/security/2015-7/eap-pwd-missing-last-fragment-length-validation.txt

x_refsource_CONFIRM

[oss-security] 20151110 hostapd/wpa_supplicant: EAP-pwd missing last fragment length validation

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.