Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2015-4141 |
CWE-ID | CWE-122 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
hostapd (Alpine package) Operating systems & Components / Operating system package or component |
Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU33633
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2015-4141
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4. A remote attacker can use a negative chunk length to trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionshostapd (Alpine package): 1.1-r0 - 2.3-r1
External linkshttp://git.alpinelinux.org/aports/commit/?id=3aeb57ec96caa3b0c85bc950e5fd36f43bcd48fe
http://git.alpinelinux.org/aports/commit/?id=fe93077fc235073200c471a387c27261bfc20eb7
http://git.alpinelinux.org/aports/commit/?id=8eeb852f99efdce027c392ad0ab29bb684f0ed7d
http://git.alpinelinux.org/aports/commit/?id=23b5bada7760b28f341d923d4549f36b4d9dc50b
http://git.alpinelinux.org/aports/commit/?id=24fe5565c27eed276c793d7e34bdad182efee108
http://git.alpinelinux.org/aports/commit/?id=2b5198b441b22d8c68cd7131be7c5c0bff746a91
http://git.alpinelinux.org/aports/commit/?id=d8639f35f2edbddd0d541d199154f7c5bd5230ee
http://git.alpinelinux.org/aports/commit/?id=d68ca09574357db36d33cace25c2b307dc8759d5
http://git.alpinelinux.org/aports/commit/?id=fd324ccbd51905c0571336037f4b4a09b8480170
http://git.alpinelinux.org/aports/commit/?id=62ecb530d43d5bdf1a68d3509993e48bddfdb5de
http://git.alpinelinux.org/aports/commit/?id=a190cd664abf51fb096ce04c5833b64815b5a23a
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.