Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 26 Apr 2015 20:07:10 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 199721] wpa_supplicant - CVE-2015-1863 patch for disabled by default P2P option
Message-ID:  <bug-199721-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=199721

            Bug ID: 199721
           Summary: wpa_supplicant - CVE-2015-1863 patch for disabled by
                    default P2P option
           Product: Base System
           Version: 11.0-CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: jason.unovitch@gmail.com

Created attachment 156021
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=156021&action=edit
11-CURRENT patch

Apply patch to base for wpa_supplicant P2P SSID processing vulnerability
[1][2]. Ports has already been fixed [3]. The CONFIG_P2P option is disabled by
default however fix the code anyway so it doesn't get accidentally enabled. 
This follows DragonFly BSD in applying it even though P2P is off by default
[4].

Noticed by: Kevin McAleavey in the FreeBSD Forums [5]

Other comments:
- 9.X and 8.X use wpa_supplicant versions earlier than the affected 1.0-2.4
from the advisory.
- 10.1-STABLE uses wpa_supplicant 2.0 and should be patched.
- 11.0-CURRENT uses wpa_supplicant 2.4 and should be patched.


References:
[1] Upstream Advisory:
http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt

[2] Upstream Patch:
http://w1.fi/security/2015-1/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch

[3] Ports PR for security/wpa_supplicant (already fixed):
https://bugs.freebsd.org/199678

[4] Follow DragonFly BSD in applying the same patch:
http://gitweb.dragonflybsd.org/dragonfly.git/commit/584c4a9f0c9071cb62abe9c870a2b08afe746a88

[5] Forum Post
https://forums.freebsd.org/threads/patch-for-wpa_supplicant.51368/

-- 
You are receiving this mail because:
You are the assignee for the bug.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-199721-8>