Fedora has issued an advisory on August 3: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4PKEEFWTY6U7SRJ2BKUDQNTDL6FYIP5X/
CVE: (none) => CVE-2024-6197Source RPM: (none) => hostapd-2.10-2.mga9.src.rpmStatus comment: (none) => Fixed upstream in 2.11
CVE: CVE-2024-6197 => CVE-2024-6197, CVE-2023-52424Summary: hostapd new security issue CVE-2024-6197 => hostapd new security issue CVE-2024-6197, wpa_supplicant new security issue CVE-2023-52424Source RPM: hostapd-2.10-2.mga9.src.rpm => hostapd-2.10-2.mga9.src.rpm, wpa_supplicant-2.10-3.1.mga9.src.rpm
Summary: hostapd new security issue CVE-2024-6197, wpa_supplicant new security issue CVE-2023-52424 => hostapd and wpa_supplicant new security issue CVE-2023-52424CVE: CVE-2024-6197, CVE-2023-52424 => CVE-2023-52424
No registered maintainers, so assigning to all.
Assignee: bugsquad => pkg-bugsURL: (none) => https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4PKEEFWTY6U7SRJ2BKUDQNTDL6FYIP5X/CC: (none) => marja11
Assigning to QA, Packages in 9/Core/Updates_testing: ====================== hostapd-2.11-1.mga9 wpa_supplicant-2.11-1.mga9 wpa_supplicant-gui-2.11-1.mga9 From SRPMS hostapd-2.11-1.mga9.src.rpm wpa_supplicant-2.11-1.mga9.src.rpm
Assignee: pkg-bugs => qa-bugsCC: (none) => geiger.david68210
Keywords: (none) => advisory
Installed and tested without issues. Using systemd-networkd to manage the network devices, including a USB WLAN thingy. Tested wpa_supplicant and wpa_supplicant-gui. Did NOT test hostapd. System: Mageia 9, x86_64, Plasma DE, LXQt DE, AMD Ryzen 5 5600G with Radeon Graphics using amdgpu driver. $ uname -a Linux jupiter 6.6.50-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sun Sep 8 12:38:27 UTC 2024 x86_64 GNU/Linux $ lsusb | grep WLAN Bus 001 Device 002: ID 0bda:818b Realtek Semiconductor Corp. RTL8192EU 802.11b/g/n WLAN Adapter $ rpm -qa | grep wpa_supplicant wpa_supplicant-2.11-1.mga9 wpa_supplicant-gui-2.11-1.mga9
CC: (none) => mageia
RH i586 Updated wpa_supplicant, disconnect and connect the wifi The internet keep working Install hostapd and edit the config file systemctl start hostapd.service systemctl status hostapd.service hostapd.service - Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator Loaded: loaded (/usr/lib/systemd/system/hostapd.service; disabled; preset: disabled) Active: active (running) since Sun 2024-09-15 11:32:57 CST; 12s ago Process: 15787 ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B (c> Main PID: 15791 (hostapd) Tasks: 1 (limit: 4758) CPU: 71ms CGroup: /system.slice/hostapd.service └─15791 /usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B sep 15 11:32:56 cefiro systemd[1]: Starting hostapd.service... sep 15 11:32:57 cefiro hostapd[15787]: wlp1s0: interface state UNINITIALIZED->ENABLED sep 15 11:32:57 cefiro hostapd[15787]: wlp1s0: AP-ENABLED sep 15 11:32:57 cefiro systemd[1]: hostapd.service: Failed to parse PID from file /run/hostapd.pid> sep 15 11:32:57 cefiro hostapd[15791]: wlp1s0: STA 10:50:72:e6:70:20 IEEE 802.11: disassociated sep 15 11:32:57 cefiro systemd[1]: Started hostapd.service. I lost conection after that and have to stop the service and reconnect the wifi, I not have any experience with this but hostapd.service: Failed to parse PID from file /run/hostapd.pid> looks bad
Keywords: (none) => feedback
Blocks: (none) => 32160
RH i586 rpm -q hostapd hostapd-2.10-2.mga9 systemctl start hostapd.service systemctl status hostapd.service ● hostapd.service - Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator Loaded: loaded (/usr/lib/systemd/system/hostapd.service; disabled; preset: disabled) Active: active (running) since Sat 2024-09-28 15:28:08 CST; 8s ago Process: 25974 ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B (code=exited, status=0/SU> Main PID: 25976 (hostapd) Tasks: 1 (limit: 4759) CPU: 159ms CGroup: /system.slice/hostapd.service └─25976 /usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B sep 28 15:28:08 cefiro systemd[1]: Starting hostapd.service... sep 28 15:28:08 cefiro hostapd[25974]: wlp1s0: interface state UNINITIALIZED->ENABLED sep 28 15:28:08 cefiro hostapd[25974]: wlp1s0: AP-ENABLED sep 28 15:28:08 cefiro hostapd[25976]: wlp1s0: STA 10:50:72:e6:70:20 IEEE 802.11: disassociated sep 28 15:28:08 cefiro systemd[1]: hostapd.service: Can't open PID file /run/hostapd.pid (yet?) after start: No such file> sep 28 15:28:08 cefiro systemd[1]: Started hostapd.service. ...skipping... ● hostapd.service - Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator Loaded: loaded (/usr/lib/systemd/system/hostapd.service; disabled; preset: disabled) Active: active (running) since Sat 2024-09-28 15:28:08 CST; 8s ago Process: 25974 ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B (code=exited, status=0/SU> Main PID: 25976 (hostapd) Tasks: 1 (limit: 4759) CPU: 159ms CGroup: /system.slice/hostapd.service └─25976 /usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B sep 28 15:28:08 cefiro systemd[1]: Starting hostapd.service... sep 28 15:28:08 cefiro hostapd[25974]: wlp1s0: interface state UNINITIALIZED->ENABLED sep 28 15:28:08 cefiro hostapd[25974]: wlp1s0: AP-ENABLED sep 28 15:28:08 cefiro hostapd[25976]: wlp1s0: STA 10:50:72:e6:70:20 IEEE 802.11: disassociated sep 28 15:28:08 cefiro systemd[1]: hostapd.service: Can't open PID file /run/hostapd.pid (yet?) after start: No such file> sep 28 15:28:08 cefiro systemd[1]: Started hostapd.service. Looks like current version have similar behaviour @Thomas I let to your consideration validate or return to packager
CC: (none) => andrewsfarm
Installed and **minimally** tested without issues. IMPORTANT: I never used hostapd and have don't know how to properly configure it. I used the default configuration, with the exception of enabling bridging so that the connecting device would be able to actually have network access. Installing had no issues. Starting the hostapd service also has no issues. Using another device, I looked at the available WiFi networks and found the "test" access point, the one operated by the hostapd service. After selecting the "test" access point, the device was able to access both the LAN and the Internet. Note that I did not configure any security so I did not test any of the authentication and other security features. System: Mageia 9, x86_64, AMD Ryzen 5 5600G with Radeon Graphics using amdgpu driver. # systemctl start hostapd.service # systemctl status hostapd.service ● hostapd.service - Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator Loaded: loaded (/usr/lib/systemd/system/hostapd.service; disabled; preset: disabled) Active: active (running) since Sun 2024-09-29 17:06:35 WEST; 4s ago Process: 18026 ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B (code=exited, status=0/SUCCESS) Main PID: 18030 (hostapd) Tasks: 1 (limit: 37588) Memory: 788.0K CPU: 17ms CGroup: /system.slice/hostapd.service └─18030 /usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B set 29 17:06:34 jupiter systemd[1]: Starting hostapd.service... set 29 17:06:35 jupiter hostapd[18026]: wlan0: interface state UNINITIALIZED->ENABLED set 29 17:06:35 jupiter hostapd[18026]: wlan0: AP-ENABLED set 29 17:06:35 jupiter systemd[1]: Started hostapd.service. set 29 17:06:35 jupiter hostapd[18030]: wlan0: STA 60:6c:63:83:c6:a6 IEEE 802.11: disassociated # journalctl -b0 -u hostapd.service set 29 17:06:34 jupiter systemd[1]: Starting hostapd.service... set 29 17:06:35 jupiter hostapd[18026]: wlan0: interface state UNINITIALIZED->ENABLED set 29 17:06:35 jupiter hostapd[18026]: wlan0: AP-ENABLED set 29 17:06:35 jupiter systemd[1]: Started hostapd.service. set 29 17:06:35 jupiter hostapd[18030]: wlan0: STA 60:6c:63:83:c6:a6 IEEE 802.11: disassociated set 29 17:13:37 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: authenticated set 29 17:13:37 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: associated (aid 1) set 29 17:13:37 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a RADIUS: starting accounting session E749A957637F27B8 set 29 17:14:14 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: authenticated set 29 17:14:14 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: associated (aid 1) set 29 17:14:14 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a RADIUS: starting accounting session B3CB4881DD21B3D2 set 29 17:14:53 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: authenticated set 29 17:14:53 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: associated (aid 1) set 29 17:14:53 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a RADIUS: starting accounting session B4EAC6E34F1B7631 set 29 17:15:33 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: authenticated set 29 17:15:33 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: associated (aid 1) set 29 17:15:33 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a RADIUS: starting accounting session B6DF82C01EFDC2B0 set 29 17:16:09 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: authenticated set 29 17:16:09 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a IEEE 802.11: associated (aid 1) set 29 17:16:09 jupiter hostapd[18030]: wlan0: STA 84:d1:5a:84:53:4a RADIUS: starting accounting session CDEAC4270C917FEF
Comment#6 makes me think I not configure the right way the service, so I give OK
Whiteboard: (none) => MGA9-64-OKKeywords: feedback => (none)
Validating.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0322.html
Status: NEW => RESOLVEDResolution: (none) => FIXED