Candidate: CVE-2015-8041
PublicDate: 2015-11-09 16:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8041
 http://www.openwall.com/lists/oss-security/2015/07/08/3
 http://w1.fi/security/2015-5/
Description:
 Multiple integer overflows in the NDEF record parser in hostapd before 2.5
 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of
 service (process crash or infinite loop) via a large payload length field
 value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an
 out-of-bounds read.
Ubuntu-Description:
Notes:
 tyhicks> CONFIG_WPS_NFC is not set in Vivid and older builds of wpa
 tyhicks> CONFIG_WPS_NFS is not set in wpasupplicant or hostapd builds
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795740
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_wpasupplicant:
upstream_wpasupplicant: released (2.5)
precise_wpasupplicant: not-affected (CONFIG_WPS_NFC disabled)
trusty_wpasupplicant: DNE
trusty/esm_wpasupplicant: DNE
vivid_wpasupplicant: DNE
vivid/stable-phone-overlay_wpasupplicant: DNE
vivid/ubuntu-core_wpasupplicant: DNE
wily_wpasupplicant: DNE
xenial_wpasupplicant: DNE
devel_wpasupplicant: DNE

Patches_hostapd:
upstream_hostapd: needs-triage
precise_hostapd: not-affected (CONFIG_WPS_NFC disabled)
trusty_hostapd: DNE
trusty/esm_hostapd: DNE
vivid_hostapd: DNE
vivid/stable-phone-overlay_hostapd: DNE
vivid/ubuntu-core_hostapd: DNE
wily_hostapd: DNE
xenial_hostapd: DNE
devel_hostapd: DNE

Patches_wpa:
 upstream: http://w1.fi/cgit/hostap/commit/?id=df9079e72760ceb7ebe7fb11538200c516bdd886
upstream_wpa: released (2.3-2.2)
precise_wpa: DNE
trusty_wpa: not-affected
trusty/esm_wpa: not-affected
vivid_wpa: not-affected (CONFIG_WPS_NFC disabled)
vivid/stable-phone-overlay_wpa: not-affected (CONFIG_WPS_NFC disabled)
vivid/ubuntu-core_wpa: not-affected (CONFIG_WPS_NFC disabled)
wily_wpa: ignored (reached end-of-life)
xenial_wpa: released (2.4-0ubuntu5)
esm-infra/xenial_wpa: released (2.4-0ubuntu5)
devel_wpa: released (2.4-0ubuntu5)