Ubuntu 16.04 LTS / 18.04 LTS : wpa_supplicant and hostapd vulnerability (USN-4136-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4136-1 advisory. It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of...

USN-4136-2: wpa_supplicant and hostapd vulnerability

USN-4136-1 fixed a vulnerability in wpasupplicant. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to...

USN-4136-2 wpa, wpasupplicant vulnerability

USN-4136-1 fixed a vulnerability in wpasupplicant. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to...

USN-4136-1: wpa_supplicant and hostapd vulnerability

It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service...

USN-4136-1 wpa vulnerability

It was discovered that wpasupplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service...

CVE-2019-6833

A CWE-754 – Improper Check for Unusual or Exceptional Conditions vulnerability exists in Magelis HMI Panels all versions of - HMIGTO, HMISTO, XBTGH, HMIGTU, HMIGTUX, HMISCU, HMISTU, XBTGT, XBTGT, HMIGXO, HMIGXU, which could cause a temporary freeze of the HMI when a high rate of frames is receive...

CVE-2019-6833

CVE-2019-6833 affects Schneider Electric Magelis HMI Panels (HMIGTO/HMISTO/XBTGH/HMIGTU/HMIGTUX/HMISCU/HMISTU/XBTGT/XBTGC/HMIGXO/HMIGXU), where a high rate of frames can cause a temporary HMI freeze; after the rate subsides, buffered commands are processed. Affected firmware versions: all listed ...

HTTP/2: flood using PRIORITY frames results in excessive resource consumption

A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability...

Debian DLA-1922-1 : wpa security update

hostapd and wpasupplicant when controlling AP mode did not perform sufficient source address validation for some received Management frames and this could result in ending up sending a frame that caused associated stations to incorrectly believe they were disconnected from the network even if...

[SECURITY] [DLA 1922-1] wpa security update

Package : wpa Version : 2.3-1+deb8u9 CVE ID : CVE-2019-16275 Debian Bug : 940080 hostapd and wpasupplicant when controlling AP mode did not perform sufficient source address validation for some received Management frames and this could result in ending up sending a frame that caused associated...

HTTP/2: flood using PRIORITY frames results in excessive resource consumption

A flaw was found in HTTP/2. An attacker, using PRIORITY frames to flood the system, could cause excessive CPU usage and starvation of other clients. The largest threat from this vulnerability is to system availability...

Denial Of Service (DoS)

nginx HTTP/2 is vulnerable to denial of service DoS. It does not prevent the attacker from creating multiple request streams and flooding using PRIORITY frames continuously in a way that causes substantial churn to the priority tree, causing an excessive resource consumption...

UBUNTU-CVE-2019-16275

hostapd before 2.10 and wpasupplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF aka management frame protection. The attacker must send a...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

kernel: brcmfmac frame validation bypass

If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and not be processed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using HEADERS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RSTSTREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...