==========================================================================
Ubuntu Security Notice USN-3969-2
May 09, 2019
wpa vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 14.04 ESM
Summary:
wpa_supplicant and hostapd could be made to crash if they received
specially crafted network traffic.
Software Description:
– wpa: client support for WPA and WPA2
Details:
USN-3969-1 fixed a vulnerability in wpa_supplicant and hostapd. This
update provides the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that wpa_supplicant and hostapd incorrectly handled
unexpected fragments when using EAP-pwd. A remote attacker could
possibly use this issue to cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
hostapd 2.1-0ubuntu1.7+esm1
wpasupplicant 2.1-0ubuntu1.7+esm1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3969-2
https://usn.ubuntu.com/usn/usn-3969-1
CVE-2019-11555—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCAAGBQJc1D/gAAoJEEW851uECx9pBvUP/29GRD3FRguHKZEmnlpQI06Q
Ma0gOajfPoToFLcI1yDDWEdr9sz4SF/YAwVRj8Irw7gWUwt2umgzCrGKnTKoTIgJ
g6xXgy98HnEKFBu8dfxtPInaA5YiPfIOddfqdLNZkxofGN64pjOhe3krPotcoqqw
9G/4S12Whykvc/VIn4F4/ZFSi/dqYJLF8phuheWlNV7MDypCp1UtOE4NV8A5RtYI
aZJ95dVRY77qoztqdlqesct0lUwMGyBdkFePlh9bPHAwDryGuOOmDe4hp2U2kZ9y
x9aDcxsQ5NVtBlKdydd94Wio+FJK1Oupbjw6m3jdRq++FjamIJH9PJUaVOrpda4G
o+qBcSFkz1NSUlIKuK7YWCB7b73s7t1wL+U0QvR1Hq4J8o5hmAmlVIoZVJBbcPCZ
5MUMYHZ5XRgaXnG+SgeXAtWo6XStEfDcb7lAo9bNKa3NK2mmDIyBVQEo/4+0CEW9
Ov5uktR1GyNYfr855Owrg1xgBYbY3nCAc+zeoa6n8RMXX1/HAGewwxVrqEaWMkev
0lnvkLSlSLsgvcTwYO07EG3DhqtovXNG8ZF+CEzRl4bgx1xqDwvkcEjyB1ICorWL
hLkt49NW4mbc0AIAok0KP/7J0x62XSYek63TY+7Nr7fTdhMiw47bTa5vEDt3T6gy
znxQgJH9vr0zewZ3qNTK
=gO/V
—–END PGP SIGNATURE—–
—
