CVE-2015-4141
EPSS 1.5%wpa - security update
發布日:2015/6/15修改日:2026/4/28
描述
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.
受影響套件(2)
- Debian/wpafrom 0, < 2.3-2.2
- Debian/wpafrom 0, < 1.0-3+deb7u3