==========================================================================
Ubuntu Security Notice USN-3745-1
August 20, 2018
wpa vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS
Summary:
wpa_supplicant and hostapd could be made to expose sensitive
information if it received a crafted message.
Software Description:
– wpa: client support for WPA and WPA2
Details:
It was discovered that wpa_supplicant and hostapd incorrectly handled
certain messages. An attacker could possibly use this to access
sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
hostapd 2:2.6-15ubuntu2.1
wpasupplicant 2:2.6-15ubuntu2.1
Ubuntu 16.04 LTS:
hostapd 2.4-0ubuntu6.3
wpasupplicant 2.4-0ubuntu6.3
Ubuntu 14.04 LTS:
hostapd 2.1-0ubuntu1.6
wpasupplicant 2.1-0ubuntu1.6
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3745-1
CVE-2018-14526
Package Information:
https://launchpad.net/ubuntu/+source/wpa/2:2.6-15ubuntu2.1
https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.3
https://launchpad.net/ubuntu/+source/wpa/2.1-0ubuntu1.6—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCAAGBQJbeuKVAAoJEEW851uECx9pcsoQAJbMGuJ0+l/xNSOBaH2+7KvV
lTuYiRXKBIIOT84CcwP2906FvlP3IRbI5hVtmTlIhatyG9EAYrp2aJbPx+teB/cr
Tn0Ovon99E2A4lPxKouY9fPovSqMmM2+QUnZ3z4jH00F0tmTcZkOBXe+WIWtXljt
aFW0gHee6t7SCl46vWARifkQUJlYIXyYG7WHO7yiZdaAFiYMivAV3mTfMBGx3ZKw
iHvNuOCb+cqJKBbO5D/Wa/cRiJSB1afPqLPpkYVWK+fK/TSaSCNdSbtTCeLQw9PY
W4LA4p1AF7NXicGJmc9DV1GnA9N8HMmHOzcAKQJAs0RUyo951dbsFhTmqGBfDKMw
RL9vYsPoMMrgPkpDpFlTzKohOFwQ/hUe3FJOSTN96Ry6mlS97qHMIVFk7LaPiEge
9g11HSGgGlIRTsqdKLZV9JueMYO1IhlvDBqI50Z59ZRX/TZL32wcrmaSQKlaP2lt
5vMNvs6X214m96wufPJuwnSn3t0LCjwl3sHm04qkzPUMicGgVTCS+F//2DinKVzH
exbdi4MGCH9deD0YpuOnfz7js3uuNbqY+UZpt3DN3TXEI2nTqx3XorhQWjd/YTkG
Pv5TidOTNxaBIAKRI01gfxxqVn66WyYPXsdzXBQ+ghfm+D2SJgcM2Zu9Q+NUBh6Y
Osn5dY1Vvh7yV1ymTe41
=l9uK
—–END PGP SIGNATURE—–
—