#VU30346 Insufficient Entropy in hostapd
Vulnerability identifier: #VU30346
Vulnerability risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-331
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
hostapd
Server applications /
Remote access servers, VPN
Vendor: Jouni Malinen
Description
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
Mitigation
Install update from vendor's website.
Vulnerable software versions
hostapd: 2.0 - 2.5
External links
http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html
http://seclists.org/fulldisclosure/2020/Feb/26
http://www.openwall.com/lists/oss-security/2020/02/27/1
http://www.openwall.com/lists/oss-security/2020/02/27/2
http://lists.debian.org/debian-lts-announce/2020/03/msg00010.html
http://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
