hostapd: Security fix for CVE-2023-52160 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Yi Zhao <yi.zhao@eng.windriver.com>	2024-11-22 19:22:01 +0800
committer	Armin Kuster <akuster808@gmail.com>	2024-12-08 15:02:39 -0500
commit	9f598082ed27aecfcd2c7bd30e487dbc03318b31 (patch)
tree	f927c40c22cc8410f317e5389e1f5d5ec1fdca69 /meta-python/recipes-devtools/python
parent	55bb99d80c9a0fabb4effbeeff19e869fd56940c (diff)
download	meta-openembedded-9f598082ed27aecfcd2c7bd30e487dbc03318b31.tar.gz

hostapd: Security fix for CVE-2023-52160

CVE-2023-52160: The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-52160 Patch from: https://w1.fi/cgit/hostap/commit/?id=8e6485a1bcb0baffdea9e55255a81270b768439c Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: