wpa_supplicant contains a buffer overflow that could lead to a Denial of Service.
|Package||net-wireless/wpa_supplicant on all architectures|
|Affected versions||< 0.2.7|
|Unaffected versions||>= 0.2.7|
wpa_supplicant is a WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN).
wpa_supplicant contains a possible buffer overflow due to the lacking validation of received EAPOL-Key frames.
An attacker could cause the crash of wpa_supplicant using a specially crafted packet.
There is no known workaround at this time.
All wpa_supplicant users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-wireless/wpa_supplicant-0.2.7"
February 16, 2005
May 22, 2006: 02