[3.6] wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant (CVE-2018-14526)
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0
through 2.6. Under certain conditions,
the integrity of EAPOL-Key messages is not checked, leading to a
decryption oracle. An attacker within
range of the Access Point and client can abuse the vulnerability to
recover sensitive information.
References:
https://w1.fi/security/2018-1/unauthenticated-eapol-key-decryption.txt
http://openwall.com/lists/oss-security/2018/08/08/3
https://nvd.nist.gov/vuln/detail/CVE-2018-14526
(from redmine: issue id 9222, created on 2018-08-10, closed on 2018-08-22)
- Relations:
- copied_to #9218 (closed)
- parent #9218 (closed)
- Changesets:
- Revision 32a110e3 by Natanael Copa on 2018-08-21T14:03:34Z:
main/wpa_supplicant: security fix (CVE-2018-14526)
fixes #9222