Upstream has issued an advisory on May 4: http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt Since AP and P2P are not enabled in our wpa_supplicant package, it is not affected. Due to our configurations, we are also not affected by upstream advisories 2015-2 and 2015-4, also issued on May 4: http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt Since it wasn't previously stated in Bugzilla (that I can recall), we also were not affected by the previous CVE-2015-1863 (upstream advisory 2015-1) issue, as P2P is not enabled in our wpa_supplicant package: http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt The only thing we are affected by is 2015-3 in hostapd. Upstream patch checked into Mageia 4 and Cauldron SVN. Freeze push requested. Reproducible: Steps to Reproduce:
Blocks: (none) => 14674Whiteboard: (none) => MGA5TOO, MGA4TOO
Patched package uploaded for Mageia 4. Advisory: ======================== Updated hostapd packages fix security vulnerability: A vulnerability was found in hostapd that can be used to perform denial of service attacks by an attacker that is within radio range of the AP that uses hostapd for MLME/SME operations. References: http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt ======================== Updated packages in core/updates_testing: ======================== hostapd-2.0-2.2.mga4 from hostapd-2.0-2.2.mga4.src.rpm
Version: Cauldron => 4Blocks: 14674 => (none)Assignee: bugsquad => qa-bugsWhiteboard: MGA5TOO, MGA4TOO => (none)
CVE request: http://openwall.com/lists/oss-security/2015/05/07/6
More formal CVE request: http://openwall.com/lists/oss-security/2015/05/09/5
Testing complete mga4 32 Just ensuring it updates cleanly during mga5 final release cycle.
Whiteboard: (none) => mga4-32-ok
Advisory uploaded.
Whiteboard: mga4-32-ok => advisory mga4-32-ok
Testing complete mga4 64 Set the wifi device name (from iwconfig) in /etc/hostapd/hostapd.conf and started the hostapd service. Ensured the service was able to restart OK with the update installed. Validating. Please push to 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: advisory mga4-32-ok => has_procedure advisory mga4-32-ok mga4-64-okCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0216.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/644282/
CVE-2015-4142 has been assigned for the 2015-3 issue we fixed in this update: http://openwall.com/lists/oss-security/2015/05/31/6
Summary: hostapd new security issue fixed upstream in 2.5 (upstream advisory 2015-3) => hostapd new security issue fixed upstream in 2.5 (upstream advisory 2015-3, CVE-2015-4142)
(In reply to David Walser from comment #8) > CVE-2015-4142 has been assigned for the 2015-3 issue we fixed in this update: > http://openwall.com/lists/oss-security/2015/05/31/6 LWN reference with the recent CVEs: http://lwn.net/Vulnerabilities/647929/
*** Bug 16953 has been marked as a duplicate of this bug. ***
CC: (none) => tmb