Information on source package wpa

Available versions

ReleaseVersion
jessie2.3-1+deb8u15
stretch2:2.4-1+deb9u11
stretch (security)2:2.4-1+deb9u9
buster2:2.7+git20190128+0c1e29f-6+deb10u5
buster (security)2:2.7+git20190128+0c1e29f-6+deb10u4
bullseye2:2.9.0-21+deb11u2
bookworm2:2.10-12+deb12u2
trixie2:2.10-22
sid2:2.10-22

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2022-23304vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe implementations of EAP-pwd in hostapd before 2.10 and wpa_supplica ...
CVE-2022-23303fixedfixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe implementations of SAE in hostapd before 2.10 and wpa_supplicant b ...
CVE-2019-9496vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedAn invalid authentication sequence could result in the hostapd process ...
CVE-2019-9494vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedThe implementations of SAE in hostapd and wpa_supplicant are vulnerabl ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2021-30004vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableIn wpa_supplicant and hostapd 2.9, forging attacks may occur because A ...
CVE-2019-5062vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableAn exploitable denial-of-service vulnerability exists in the 802.11w s ...
CVE-2019-5061vulnerablevulnerablevulnerablefixedfixedfixedfixedAn exploitable denial-of-service vulnerability exists in the hostapd 2 ...
CVE-2017-13084vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableWi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Sta ...
CVE-2016-10743fixedvulnerablefixedfixedfixedfixedfixedhostapd before 2.6 does not prevent use of the low-quality PRNG that i ...

Resolved issues

BugDescription
CVE-2024-5290An issue was discovered in Ubuntu wpa_supplicant that resulted in load ...
CVE-2023-52160The implementation of PEAP in wpa_supplicant through 2.10 allows authe ...
CVE-2021-27803A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant b ...
CVE-2021-0326In p2p_copy_client_info of p2p.c, there is a possible out of bounds wr ...
CVE-2020-12695The Open Connectivity Foundation UPnP specification before 2020-04-17 ...
CVE-2019-16275hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect ...
CVE-2019-13377The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2 ...
CVE-2019-11555The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_ ...
CVE-2019-10064hostapd before 2.6, in EAP mode, makes calls to the rand() and random( ...
CVE-2019-9499The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built ...
CVE-2019-9498The implementations of EAP-PWD in hostapd EAP Server, when built again ...
CVE-2019-9497The implementations of EAP-PWD in hostapd EAP Server and wpa_supplican ...
CVE-2019-9495The implementations of EAP-PWD in hostapd and wpa_supplicant are vulne ...
CVE-2018-14526An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 throug ...
CVE-2017-13088Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows rein ...
CVE-2017-13087Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows rein ...
CVE-2017-13086Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tun ...
CVE-2017-13082Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allow ...
CVE-2017-13081Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allow ...
CVE-2017-13080Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Gro ...
CVE-2017-13079Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allow ...
CVE-2017-13078Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Gro ...
CVE-2017-13077Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pai ...
CVE-2016-4477wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters ...
CVE-2016-4476hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not ...
CVE-2015-8041Multiple integer overflows in the NDEF record parser in hostapd before ...
CVE-2015-5316The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in ...
CVE-2015-5315The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2 ...
CVE-2015-5314The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd ...
CVE-2015-5310The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not prop ...
CVE-2015-4146The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 thro ...
CVE-2015-4145The EAP-pwd server and peer implementation in hostapd and wpa_supplica ...
CVE-2015-4144The EAP-pwd server and peer implementation in hostapd and wpa_supplica ...
CVE-2015-4143The EAP-pwd server and peer implementation in hostapd and wpa_supplica ...
CVE-2015-4142Integer underflow in the WMM Action frame parser in hostapd 0.5.5 thro ...
CVE-2015-4141The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplican ...
CVE-2015-1863Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows re ...
CVE-2014-3686wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certai ...
CVE-2012-4445Heap-based buffer overflow in the eap_server_tls_process_fragment func ...
CVE-2012-2389hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permi ...

Security announcements

DSA / DLADescription
ELA-1153-1wpa - security update
DSA-5739-1wpa - security update
ELA-1064-1wpa - security update
DLA-3743-1wpa - security update
DSA-4898-1wpa - security update
DLA-2581-1wpa - security update
ELA-374-1wpa - security update
DLA-2572-1wpa - security update
ELA-370-1wpa - security update
DLA-2318-1wpa - security update
ELA-240-1wpa - security update
DLA-2138-1wpa - security update
DSA-4538-1wpa - security update
DLA-1922-1wpa - security update
DLA-1867-1wpa - security update
DSA-4450-1wpa - security update
DSA-4430-1wpa - security update
DLA-1733-1wpa - security update
DLA-1462-1wpa - security update
DLA-1150-1wpa - security update
DSA-3999-1wpa - security update
DLA-473-1wpa - security update
DSA-3397-1wpa - security update
DSA-3233-1wpa - security update
DSA-3052-1wpa - security update

Search for package or bug name: Reporting problems