Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
hostapd和wpa_supplicant 整数溢出漏洞
Vulnerability Description
hostapd是一个实现了无线接入点(AP)和认证服务器的守护进程。wpa_supplicant是软件开发者Jouni Malinen和其他贡献者共同开发的一个运行在后台的守护进程,它主要用来支持WEP、WPA/WPA2和WAPI无线协议和加密认证。 hostapd 2.5之前版本和wpa_supplicant 2.5之前版本的NDEF记录解析器中存在整数溢出漏洞。远程攻击者可借助WPS或P2P NFC NDEF记录中较大的负载长度字段值利用该漏洞造成拒绝服务(进程崩溃或无限循环)。
CVSS Information
N/A
Vulnerability Type
N/A