Arbitrary Argument Injection Affecting wpa_supplicant package, versions *


Severity

Recommended
medium

Based on Red Hat Enterprise Linux security rating.

Threat Intelligence

EPSS
0.06% (31st percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-RHEL7-WPASUPPLICANT-1349655
  • published26 Jul 2021
  • disclosed2 May 2016

Introduced: 2 May 2016

CVE-2016-4477  (opens in a new tab)
CWE-88  (opens in a new tab)

How to fix?

There is no fixed version for RHEL:7 wpa_supplicant.

NVD Description

Note: Versions mentioned in the description apply only to the upstream wpa_supplicant package and not the wpa_supplicant package as distributed by RHEL. See How to fix? for RHEL:7 relevant fixed versions and status.

wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitrary library loading and consequently gain privileges, or cause a denial of service (daemon outage), via a crafted (1) SET, (2) SET_CRED, or (3) SET_NETWORK command.