CVE-2015-4142

wpa_supplicant 0.7.0-2.4 - Denial of Service via WMM Action Frame Integer Underflow

Title source: llm

Description

Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.

References (15)

Core 15

Core References

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2015/05/31/6

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2015-1439.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1032625

Vendor Advisory x_refsource_confirm

http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt

Mailing List mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2015/05/09/5

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2015/dsa-3397

Third Party Advisory vendor-advisory x_refsource_gentoo

https://security.gentoo.org/glsa/201606-17

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2650-1

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html

Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html

Third Party Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2015-1090.html

Vendor Advisory x_refsource_confirm

https://support.apple.com/kb/HT213258

Mailing List mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2022/May/34

Scores

EPSS 0.0707

EPSS Percentile 91.6%

Details

CWE

CWE-119

Status published

Products (28)

opensuse/opensuse 13.1

opensuse/opensuse 13.2

redhat/enterprise_linux_desktop 6.0

redhat/enterprise_linux_hpc_node 6.0

redhat/enterprise_linux_server 6.0

redhat/enterprise_linux_workstation 6.0

w1.fi/hostapd 0.7.0

w1.fi/hostapd 0.7.1

w1.fi/hostapd 0.7.2

w1.fi/hostapd 0.7.3

... and 18 more

Published Jun 15, 2015

Tracked Since Feb 18, 2026