Bugzilla – Bug 1150934
VUL-1: CVE-2019-16275: wpa_supplicant,hostapd: AP mode PMF disconnection
Last modified: 2021-04-12 13:18:19 UTC
CVE-2019-16275 hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16275
https://www.openwall.com/lists/oss-security/2019/09/11/7
http://seclists.org/oss-sec/2019/q3/224
http://www.openwall.com/lists/oss-security/2019/09/12/6
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-16275.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16275
https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt
https://w1.fi/security/2019-7/
For wpa_supplicant tracked as affected: SUSE:SLE-15 SUSE:SLE-12 SUSE:SLE-11-SP2 and OpenSUSE 15, 15.1 and TW
For hostapd: OpenSUSE 15, 15.1 and TW
-> new maintainer Clemens
This is an autogenerated message for OBS integration: This bug (1150934) was mentioned in https://build.opensuse.org/request/show/797131 Factory / wpa_supplicant
For hostapd: https://build.opensuse.org/request/show/797132
SUSE-SU-2020:3380-1: An update that fixes 22 vulnerabilities, contains one feature is now available.
Category: security (moderate)
Bug References: 1131644,1131868,1131870,1131871,1131872,1131874,1133640,1144443,1150934,1156920,1166933,1167331,930077,930078,930079
CVE References: CVE-2015-4141,CVE-2015-4142,CVE-2015-4143,CVE-2015-8041,CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088,CVE-2018-14526,CVE-2019-11555,CVE-2019-13377,CVE-2019-16275,CVE-2019-9494,CVE-2019-9495,CVE-2019-9497,CVE-2019-9498,CVE-2019-9499
JIRA References: SLE-14992
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src): wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise Server 15-LTSS (src): wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src): wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): wpa_supplicant-2.9-4.20.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:3424-1: An update that fixes 19 vulnerabilities, contains one feature is now available.
Category: security (moderate)
Bug References: 1131644,1131868,1131870,1131871,1131872,1131874,1133640,1144443,1150934,1156920,1165266,1166933,1167331
CVE References: CVE-2015-8041,CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088,CVE-2018-14526,CVE-2019-11555,CVE-2019-13377,CVE-2019-16275,CVE-2019-9494,CVE-2019-9495,CVE-2019-9497,CVE-2019-9498,CVE-2019-9499
JIRA References: SLE-14992
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src): wpa_supplicant-2.9-23.3.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2020:2053-1: An update that fixes 22 vulnerabilities is now available.
Category: security (moderate)
Bug References: 1131644,1131868,1131870,1131871,1131872,1131874,1133640,1144443,1150934,1156920,1166933,1167331,930077,930078,930079
CVE References: CVE-2015-4141,CVE-2015-4142,CVE-2015-4143,CVE-2015-8041,CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088,CVE-2018-14526,CVE-2019-11555,CVE-2019-13377,CVE-2019-16275,CVE-2019-9494,CVE-2019-9495,CVE-2019-9497,CVE-2019-9498,CVE-2019-9499
JIRA References:
Sources used:
openSUSE Leap 15.1 (src): wpa_supplicant-2.9-lp151.5.10.1
openSUSE-SU-2020:2059-1: An update that fixes 22 vulnerabilities is now available.
Category: security (moderate)
Bug References: 1131644,1131868,1131870,1131871,1131872,1131874,1133640,1144443,1150934,1156920,1166933,1167331,930077,930078,930079
CVE References: CVE-2015-4141,CVE-2015-4142,CVE-2015-4143,CVE-2015-8041,CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088,CVE-2018-14526,CVE-2019-11555,CVE-2019-13377,CVE-2019-16275,CVE-2019-9494,CVE-2019-9495,CVE-2019-9497,CVE-2019-9498,CVE-2019-9499
JIRA References:
Sources used:
openSUSE Leap 15.2 (src): wpa_supplicant-2.9-lp152.8.3.1
wpa_supplicant was updated to 2.9, which includes this fix.
Please do not resolve bugs; instead, when you are done, assign them to the security team for final review. In addition to this, SLE11-SP2 and SLE12 are still tracked as affected. (SLE12 is currently in LTSS and thus, given its CVSS, can be skipped.)
SUSE-SU-2021:0478-1: An update that fixes two vulnerabilities is now available.
Category: security (important)
Bug References: 1150934,1181777
CVE References: CVE-2019-16275,CVE-2021-0326
JIRA References:
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src): wpa_supplicant-2.6-15.13.1
SUSE OpenStack Cloud Crowbar 8 (src): wpa_supplicant-2.6-15.13.1
SUSE OpenStack Cloud 9 (src): wpa_supplicant-2.6-15.13.1
SUSE OpenStack Cloud 8 (src): wpa_supplicant-2.6-15.13.1
SUSE OpenStack Cloud 7 (src): wpa_supplicant-2.6-15.13.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src): wpa_supplicant-2.6-15.13.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src): wpa_supplicant-2.6-15.13.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src): wpa_supplicant-2.6-15.13.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src): wpa_supplicant-2.6-15.13.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src): wpa_supplicant-2.6-15.13.1
SUSE Linux Enterprise Server 12-SP3-BCL (src): wpa_supplicant-2.6-15.13.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src): wpa_supplicant-2.6-15.13.1
SUSE Linux Enterprise Server 12-SP2-BCL (src): wpa_supplicant-2.6-15.13.1
HPE Helion Openstack 8 (src): wpa_supplicant-2.6-15.13.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
This is an autogenerated message for OBS integration: This bug (1150934) was mentioned in
https://build.opensuse.org/request/show/883563 15.2 / hostapd
https://build.opensuse.org/request/show/883564 15.3 / hostapd
This is an autogenerated message for OBS integration: This bug (1150934) was mentioned in https://build.opensuse.org/request/show/883614 Backports:SLE-15-SP3 / hostapd
openSUSE-SU-2021:0519-1: An update that fixes three vulnerabilities is now available.
Category: security (important)
Bug References: 1150934,1172700,1184348
CVE References: CVE-2019-16275,CVE-2020-12695,CVE-2021-30004
JIRA References:
Sources used:
openSUSE Leap 15.2 (src): hostapd-2.9-lp152.2.3.1
openSUSE-SU-2021:0545-1: An update that fixes three vulnerabilities is now available.
Category: security (important)
Bug References: 1150934,1172700,1184348
CVE References: CVE-2019-16275,CVE-2020-12695,CVE-2021-30004
JIRA References:
Sources used:
openSUSE Backports SLE-15-SP2 (src): hostapd-2.9-bp152.2.3.1