hostapd: Security fix for CVE-2023-52160 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Yi Zhao <yi.zhao@eng.windriver.com>	2024-11-24 23:19:40 +0800
committer	Armin Kuster <akuster808@gmail.com>	2024-12-15 13:52:28 -0500
commit	0f98d98e82882a06adf24fbc1a628cfaf2268ba1 (patch)
tree	e921d456e8a919caba5878bebc9cc195f8ca25c6 /meta-python
parent	00973f130d797fe829fef17b5858c5ae8bca3220 (diff)
download	meta-openembedded-0f98d98e82882a06adf24fbc1a628cfaf2268ba1.tar.gz

hostapd: Security fix for CVE-2023-52160

CVE-2023-52160: The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-52160 Patch from: https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baffdea9e55255a81270b768439c Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: