FS#42401 - [wpa_supplicant] CVE-2014-3686 arbitrary command execution

Attached to Project: Arch Linux
Opened by Levente Polyak (anthraxx) - Thursday, 16 October 2014, 10:03 GMT
Last edited by Thomas Bächler (brain0) - Sunday, 19 October 2014, 09:47 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Thomas Bächler (brain0)
Architecture All
Severity Critical
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Hello,

Summary:
It has been reported [0] that wpa_supplicant is affected by an arbitrary command execution vulnerability tracked as CVE-2014-3686 [1].

Description:
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.

Mitigation:
The problem has been fixed upstream [2], so it is recommended to update as fast as possible.

cheers
Levente

[0] http://www.openwall.com/lists/oss-security/2014/10/09/28
[1] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3686
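The description above names the two ingredients of the vulnerable setup: a wpa_supplicant/hostapd release in the 0.7.2 through 2.2 range, and wpa_cli or hostapd_cli driving an action script. The following script is an added example, not code from the bug report or from the wpa_supplicant project: it checks both conditions on a host and reports whether it is in that configuration. It assumes the `-a` option is how wpa_cli/hostapd_cli are given an action script, that `ps -eo args` lists full command lines, and that `wpa_supplicant -v` prints a first line of the form `wpa_supplicant vX.Y`; the sample process listing embedded in it is constructed.

```sh
#!/bin/sh
# Added example (not part of the Arch bug report or of wpa_supplicant itself):
# a defender-side check for the configuration the CVE-2014-3686 description
# names, i.e. a wpa_supplicant/hostapd release in the affected range
# 0.7.2 through 2.2 together with wpa_cli or hostapd_cli started with an
# action script (the -a option). The "wpa_supplicant vX.Y" output format
# parsed by installed_version is an assumption about the real binary.

# Compare two dotted version strings; prints -1, 0 or 1.
vercmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) { print "-1"; exit }
            if (xi > yi) { print "1"; exit }
        }
        print "0"
    }'
}

# True (exit 0) when the release falls inside the affected range 0.7.2..2.2.
version_affected() {
    [ "$(vercmp "$1" 0.7.2)" -ge 0 ] && [ "$(vercmp "$1" 2.2)" -le 0 ]
}

# Filters "ps -eo args" style command lines on stdin down to wpa_cli/hostapd_cli
# processes started with an action script (-a). Exit 0 if any line matched.
action_script_clients() {
    grep -E '(^|/)(wpa_cli|hostapd_cli)( [^ ]*)* -a'
}

# Combines both signals: exit 0 (and a VULNERABLE message) only when the
# version is in the affected range AND an action-script client is running.
in_vulnerable_config() {
    ver="$1"; pslines="$2"
    if [ -z "$ver" ]; then
        echo "could not determine the installed wpa_supplicant version"
        return 2
    fi
    if version_affected "$ver" && printf '%s\n' "$pslines" | action_script_clients >/dev/null; then
        echo "VULNERABLE: wpa_supplicant $ver with an action-script client running"
        return 0
    fi
    echo "not in the vulnerable configuration (wpa_supplicant $ver)"
    return 1
}

# Version string of the installed binary (assumed "wpa_supplicant vX.Y" format).
installed_version() {
    wpa_supplicant -v 2>/dev/null | sed -n 's/^wpa_supplicant v\([0-9.]*\).*/\1/p' | head -n 1
}

# Constructed sample process listing, used when the script is run without --live.
SAMPLE_PS='/usr/bin/wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf
wpa_cli -B -i wlan0 -a /etc/wpa_supplicant/action.sh
hostapd_cli -i wlan0 status'

if [ "${1:-}" = "--live" ]; then
    in_vulnerable_config "$(installed_version)" "$(ps -eo args)"
else
    # Demo on the constructed listing: 2.2 is flagged, the fixed 2.3 is not.
    for v in 2.2 2.3; do in_vulnerable_config "$v" "$SAMPLE_PS" || :; done
fi
```

Run it with `--live` to inspect the local host; without arguments it walks the constructed listing with the last affected release (2.2) and the fixed one (2.3, the package the comments below report as working). Both signals are needed because the action-script client is what turns the crafted frame into a command, so a host running wpa_cli without `-a`, or a fixed release with `-a`, is not in the configuration the description calls out.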

Closed by Thomas Bächler (brain0)
Sunday, 19 October 2014, 09:47 GMT
Reason for closing: Fixed
Comment by Levente Polyak (anthraxx) - Saturday, 18 October 2014, 08:24 GMT
Just as a hint, I'm running wpa_supplicant 2.3-1 for several days now without any issues. It seems safe to update.
cheers Levente
Comment by Thomas Bächler (brain0) - Sunday, 19 October 2014, 09:46 GMT
Sorry for the slow reaction. wpa_supplicant 2.3 is in testing and should move to core as soon as it is signed off by another developer.
Comment by Thomas Bächler (brain0) - Sunday, 19 October 2014, 09:47 GMT
Spoke too soon, it has been signed off and is moving now.
