wpa_supplicant eap_pwd_process Function Denial of Service Vulnerability [CVE-2015-5315]
CVE Number – CVE-2015-5315
A vulnerability in the eap_peer/eap_pwd.c source code of wpa_supplicant could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability exists in the eap_pwd_process function, and is due to improper memory operations that are performed by the affected software. An attacker could exploit this vulnerability by submitting a large buffer fragment in an EAP-pwd message to a targeted system. A successful exploit could allow the attacker to cause the process to terminate, resulting in a DoS condition.
The vendor has confirmed the vulnerability and released software updates.
-
To exploit this vulnerability, the attacker may need access to trusted or internal networks. This access requirement could reduce the likelihood of a successful exploit.
-
Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to have network access.
Administrators are advised to monitor affected systems.
-
The vendor has released a security bulletin at the following link: EAP-pwd missing last fragment length validation
-
The vendor has released software updates at the following link: wpa_supplicant 2.6
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.