Wind River Support Network

HomeDefectsLIN9-6385

Fixed

LIN9-6385 : Security Advisory - wpa_supplicant - CVE-2015-5316

Created: Feb 27, 2018 Updated: Dec 3, 2018

Resolved Date: Apr 10, 2018

Found In Version: 9.0.0.14

Fix Version: 9.0.0.16

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an EAP-pwd Confirm message followed by the Identity exchange.

https://nvd.nist.gov/vuln/detail/CVE-2015-5316

Other Downloads

Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2015-5316