Wind River Support Network

HomeDefectsLIN8-12199
Fixed

LIN8-12199 : Security Advisory - hostapd&wpa-supplicant - CVE-2019-10064

Created: Feb 29, 2020    Updated: Apr 25, 2020
Resolved Date: Apr 20, 2020
Found In Version: 8.0.0.1
Fix Version: 8.0.0.33
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.

CREATE(Triage):(User=admin) [CVE-2019-10064|https://nvd.nist.gov/vuln/detail/CVE-2019-10064]

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube