projects / openwrt / openwrt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: caac7a6) | patch
hostapd: backport fix for CVE-2023-52160
authorHauke Mehrtens <hauke@hauke-m.de>
Tue, 13 Feb 2024 21:50:12 +0000 (22:50 +0100)
committerHauke Mehrtens <hauke@hauke-m.de>
Thu, 22 Feb 2024 20:50:16 +0000 (21:50 +0100)
commit987275f565c86d06f008aca03351647bc4943ad8
treee1369adc263fa3454f6319e904026e44625c3ae6tree | snapshot
parentcaac7a6a81284fa318275bdcde526aea476a2f5acommit | diff
hostapd: backport fix for CVE-2023-52160

Fix a authentication bypass problem in WPA Enterprise client mode. See
here for details: https://www.top10vpn.com/research/wifi-vulnerabilities/
This problem was assigned CVE-2023-52160

This problem was fixed in upstream hostapd in June 2023. Hostapd used in
OpenWrt 23.05 and later already contains this fix..

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
package/network/services/hostapd/patches/060-CVE-2023-52160-PEAP-client-Update-Phase-2-authentication-requiremen.patch [new file with mode: 0644] blob
OpenWrt Source Repository