This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-22 14:49:56 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
a207bbd8-6572-11e9-8e67-206a8a720317 | FreeBSD -- EAP-pwd message reassembly issue with unexpected fragmentProblem Description:EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP peer) does not to validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to NULL pointer dereference. See https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt for a detailed description of the bug. Impact:All wpa_supplicant and hostapd versions with EAP-pwd support could suffer a denial of service attack through process termination. Discovery 2019-04-18 Entry 2019-04-23 FreeBSD ge 12.0 lt 12.0_3 ge 11.2 lt 11.2_9 wpa_supplicant < 2.8 hostapd < 2.8 https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt |
7e53f9cc-656d-11e9-8e67-206a8a720317 | FreeBSD -- SAE side-channel attacksProblem Description:Side channel attacks in the SAE implementations used by both hostapd (AP) and wpa_supplicant (infrastructure BSS station/mesh station). SAE (Simultaneous Authentication of Equals) is also known as WPA3-Personal. The discovered side channel attacks may be able to leak information about the used password based on observable timing differences and cache access patterns. This might result in full password recovery when combined with an offline dictionary attack and if the password is not strong enough to protect against dictionary attacks. See https://w1.fi/security/2019-1/sae-side-channel-attacks.txt for a detailed description of the bug. Impact:All wpa_supplicant and hostapd versions with SAE support (CONFIG_SAE=y in the build configuration and SAE being enabled in the runtime configuration). Discovery 2019-04-10 Entry 2019-04-23 FreeBSD ge 12.0 lt 12.0_3 ge 11.2 lt 11.2_9 wpa_supplicant < 2.8 hostapd < 2.8 CVE-2019-9494 |
60129efe-656d-11e9-8e67-206a8a720317 | FreeBSD -- EAP-pwd side-channel attackProblem Description:Potential side channel attacks in the SAE implementations used by both hostapd and wpa_supplicant (see CVE-2019-9494 and VU#871675). EAP-pwd uses a similar design for deriving PWE from the password and while a specific attack against EAP-pwd is not yet known to be tested, there is no reason to believe that the EAP-pwd implementation would be immune against the type of cache attack that was identified for the SAE implementation. Since the EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP peer) does not support MODP groups, the timing attack described against SAE is not applicable for the EAP-pwd implementation. See https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt for a detailed description of the bug. Impact:All wpa_supplicant and hostapd versions with EAP-pwd support (CONFIG_EAP_PWD=y in the build configuration and EAP-pwd being enabled in the runtime configuration). Discovery 2019-04-10 Entry 2019-04-23 FreeBSD ge 12.0 lt 12.0_3 ge 11.2 lt 11.2_9 wpa_supplicant < 2.8 hostapd < 2.8 CVE-2019-9495 |
2da3cb25-6571-11e9-8e67-206a8a720317 | FreeBSD -- EAP-pwd missing commit validationProblem Description:EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP peer) does not to validate the received scalar and element values in EAP-pwd-Commit messages properly. This could result in attacks that would be able to complete EAP-pwd authentication exchange without the attacker having to know the used password. See https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt for a detailed description of the bug. Impact:All wpa_supplicant and hostapd versions with EAP-pwd support. Discovery 2019-04-10 Entry 2019-04-23 Modified 2019-07-30 FreeBSD ge 12.0 lt 12.0_3 ge 11.2 lt 11.2_9 wpa_supplicant < 2.8 hostapd < 2.8 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499 SA-19:03.wpa |
98b71436-656d-11e9-8e67-206a8a720317 | FreeBSD -- SAE confirm missing state validationProblem Description:When hostapd is used to operate an access point with SAE (Simultaneous Authentication of Equals; also known as WPA3-Personal), an invalid authentication sequence could result in the hostapd process terminating due to a NULL pointer dereference when processing SAE confirm message. This was caused by missing state validation steps when processing the SAE confirm message in hostapd/AP mode. See https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt for a detailed description of the bug. Impact:All hostapd versions with SAE support (CONFIG_SAE=y in the build configuration and SAE being enabled in the runtime configuration). Discovery 2019-04-10 Entry 2019-04-23 FreeBSD ge 12.0 lt 12.0_3 ge 11.2 lt 11.2_9 wpa_supplicant < 2.8 hostapd < 2.8 CVE-2019-9496 |