{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"hostapd-2.6-1.1 on GA media","title":"Title of the patch"},{"category":"description","text":"These are all security issues fixed in the hostapd-2.6-1.1 package on the GA media of openSUSE Tumbleweed.","title":"Description of the patch"},{"category":"details","text":"openSUSE-Tumbleweed-2024-10022","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10022-1.json"},{"category":"self","summary":"SUSE CVE CVE-2014-3686 page","url":"https://www.suse.com/security/cve/CVE-2014-3686/"},{"category":"self","summary":"SUSE CVE CVE-2015-1863 page","url":"https://www.suse.com/security/cve/CVE-2015-1863/"},{"category":"self","summary":"SUSE CVE CVE-2015-4141 page","url":"https://www.suse.com/security/cve/CVE-2015-4141/"},{"category":"self","summary":"SUSE CVE CVE-2015-4142 page","url":"https://www.suse.com/security/cve/CVE-2015-4142/"},{"category":"self","summary":"SUSE CVE CVE-2015-4143 page","url":"https://www.suse.com/security/cve/CVE-2015-4143/"},{"category":"self","summary":"SUSE CVE CVE-2015-4144 page","url":"https://www.suse.com/security/cve/CVE-2015-4144/"},{"category":"self","summary":"SUSE CVE CVE-2015-4145 page","url":"https://www.suse.com/security/cve/CVE-2015-4145/"},{"category":"self","summary":"SUSE CVE CVE-2015-5314 page","url":"https://www.suse.com/security/cve/CVE-2015-5314/"},{"category":"self","summary":"SUSE CVE CVE-2016-4476 page","url":"https://www.suse.com/security/cve/CVE-2016-4476/"}],"title":"hostapd-2.6-1.1 on GA media","tracking":{"current_release_date":"2024-06-15T00:00:00Z","generator":{"date":"2024-06-15T00:00:00Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2024:10022-1","initial_release_date":"2024-06-15T00:00:00Z","revision_history":[{"date":"2024-06-15T00:00:00Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"hostapd-2.6-1.1.aarch64","product":{"name":"hostapd-2.6-1.1.aarch64","product_id":"hostapd-2.6-1.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"hostapd-2.6-1.1.ppc64le","product":{"name":"hostapd-2.6-1.1.ppc64le","product_id":"hostapd-2.6-1.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"hostapd-2.6-1.1.s390x","product":{"name":"hostapd-2.6-1.1.s390x","product_id":"hostapd-2.6-1.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"hostapd-2.6-1.1.x86_64","product":{"name":"hostapd-2.6-1.1.x86_64","product_id":"hostapd-2.6-1.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"openSUSE Tumbleweed","product":{"name":"openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed","product_identification_helper":{"cpe":"cpe:/o:opensuse:tumbleweed"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"hostapd-2.6-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64"},"product_reference":"hostapd-2.6-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"hostapd-2.6-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le"},"product_reference":"hostapd-2.6-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"hostapd-2.6-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:hostapd-2.6-1.1.s390x"},"product_reference":"hostapd-2.6-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"hostapd-2.6-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"},"product_reference":"hostapd-2.6-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"}]},"vulnerabilities":[{"cve":"CVE-2014-3686","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2014-3686"}],"notes":[{"category":"general","text":"wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2014-3686","url":"https://www.suse.com/security/cve/CVE-2014-3686"},{"category":"external","summary":"SUSE Bug 1063667 for CVE-2014-3686","url":"https://bugzilla.suse.com/1063667"},{"category":"external","summary":"SUSE Bug 900611 for CVE-2014-3686","url":"https://bugzilla.suse.com/900611"},{"category":"external","summary":"SUSE Bug 915323 for CVE-2014-3686","url":"https://bugzilla.suse.com/915323"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2014-3686"},{"cve":"CVE-2015-1863","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-1863"}],"notes":[{"category":"general","text":"Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-1863","url":"https://www.suse.com/security/cve/CVE-2015-1863"},{"category":"external","summary":"SUSE Bug 915323 for CVE-2015-1863","url":"https://bugzilla.suse.com/915323"},{"category":"external","summary":"SUSE Bug 927558 for CVE-2015-1863","url":"https://bugzilla.suse.com/927558"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"low"}],"title":"CVE-2015-1863"},{"cve":"CVE-2015-4141","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-4141"}],"notes":[{"category":"general","text":"The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-4141","url":"https://www.suse.com/security/cve/CVE-2015-4141"},{"category":"external","summary":"SUSE Bug 915323 for CVE-2015-4141","url":"https://bugzilla.suse.com/915323"},{"category":"external","summary":"SUSE Bug 930077 for CVE-2015-4141","url":"https://bugzilla.suse.com/930077"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-4141"},{"cve":"CVE-2015-4142","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-4142"}],"notes":[{"category":"general","text":"Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-4142","url":"https://www.suse.com/security/cve/CVE-2015-4142"},{"category":"external","summary":"SUSE Bug 915323 for CVE-2015-4142","url":"https://bugzilla.suse.com/915323"},{"category":"external","summary":"SUSE Bug 930078 for CVE-2015-4142","url":"https://bugzilla.suse.com/930078"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-4142"},{"cve":"CVE-2015-4143","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-4143"}],"notes":[{"category":"general","text":"The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-4143","url":"https://www.suse.com/security/cve/CVE-2015-4143"},{"category":"external","summary":"SUSE Bug 930079 for CVE-2015-4143","url":"https://bugzilla.suse.com/930079"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-4143"},{"cve":"CVE-2015-4144","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-4144"}],"notes":[{"category":"general","text":"The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-4144","url":"https://www.suse.com/security/cve/CVE-2015-4144"},{"category":"external","summary":"SUSE Bug 930079 for CVE-2015-4144","url":"https://bugzilla.suse.com/930079"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-4144"},{"cve":"CVE-2015-4145","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-4145"}],"notes":[{"category":"general","text":"The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-4145","url":"https://www.suse.com/security/cve/CVE-2015-4145"},{"category":"external","summary":"SUSE Bug 930079 for CVE-2015-4145","url":"https://bugzilla.suse.com/930079"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-4145"},{"cve":"CVE-2015-5314","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2015-5314"}],"notes":[{"category":"general","text":"The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2015-5314","url":"https://www.suse.com/security/cve/CVE-2015-5314"},{"category":"external","summary":"SUSE Bug 953115 for CVE-2015-5314","url":"https://bugzilla.suse.com/953115"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"moderate"}],"title":"CVE-2015-5314"},{"cve":"CVE-2016-4476","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2016-4476"}],"notes":[{"category":"general","text":"hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \\n and \\r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2016-4476","url":"https://www.suse.com/security/cve/CVE-2016-4476"},{"category":"external","summary":"SUSE Bug 978172 for CVE-2016-4476","url":"https://bugzilla.suse.com/978172"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Tumbleweed:hostapd-2.6-1.1.aarch64","openSUSE Tumbleweed:hostapd-2.6-1.1.ppc64le","openSUSE Tumbleweed:hostapd-2.6-1.1.s390x","openSUSE Tumbleweed:hostapd-2.6-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2024-06-15T00:00:00Z","details":"low"}],"title":"CVE-2016-4476"}]}