CVE-2015-8041
Advisory lineage Upstream: 0 Downstream: 10
Modified
Published: 09 Nov 2015, 16:00
Last modified:06 Aug 2024, 08:06
Vulnerability Summary
Overall Risk (default)
low
20/100 CVSS Score
5 MEDIUM
v2.0 (nvd)
EPSS Score
1.58% LOW
2% probability +0.09%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
09 Nov 2015, 16:00
Published
Vulnerability first disclosed
06 Aug 2024, 08:06
Last Modified
Vulnerability information updated
Description
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
CVSS Metrics
- v2.0•MEDIUM•Score: 5AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS Trends
Current EPSS score: 1.58%• Percentile: 82%
Techniques & Countermeasures
- CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
Affected Systems
- opensuse•opensuse
13.1 | 13.2
- w1.fi•hostapd
≤ 2.4
- w1.fi•wpa_supplicant
≤ 2.4
References (8)
- https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00037.html
- https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog
- http://www.securityfocus.com/bid/75604
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00041.html
- http://www.openwall.com/lists/oss-security/2015/11/02/5
- http://www.debian.org/security/2015/dsa-3397
- http://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt