Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
hostapd和wpa_supplicant 代码问题漏洞
Vulnerability Description
hostapd是一款访问点和身份验证服务器的用户空间守护程序。wpa_supplicant是一款跨平台的WPA请求程序。该程序支持WEP、WPA和WPA2等。 hostapd (EAP server)2.8之前版本和wpa_supplicant (EAP peer)2.8之前版本中的eap_server/eap_server_pwd.c文件和eap_peer/eap_pwd.c文件存在安全漏洞,该漏洞源于在接收到非预期的片段时,EAP-pwd的实现没有正确地验证片段重塑状态。攻击者可利用该漏洞终止进程,造
CVSS Information
N/A
Vulnerability Type
N/A