CVE-2019-11555

Published: 26 April 2019

The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c.

Priority

Medium

CVSS 3 base score: 5.9

Status

Package Release Status
wpa
Launchpad, Ubuntu, Debian
Upstream
Released (2:2.7+git20190128+0c1e29f-5)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (2:2.6-15ubuntu2.3)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2.4-0ubuntu6.5)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.1-0ubuntu1.7+esm1)
Patches:
Upstream: https://w1.fi/security/2019-5/