CVE-2019-9497
Published 2019-04-17
Priority: P3 (52)
CVSS 3.0: 8.1 high, vector AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 5.37% (91.6th percentile)
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
Affected
29 ranges, showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | freeradius | < freeradius 3.0.17+dfsg-1.1 (bookworm) | freeradius 3.0.17+dfsg-1.1 (bookworm) |
| debian | wpa | < wpa 2:2.7+git20190128+0c1e29f-4 (bookworm) | wpa 2:2.7+git20190128+0c1e29f-4 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| freeradius | freeradius | < 3.0.19 | 3.0.19 |
| freeradius | freeradius | >= 0 < 3.0.17+dfsg-1.1 | 3.0.17+dfsg-1.1 |
| freeradius | freeradius | >= 0 < 3.0.17+dfsg-1.1 | 3.0.17+dfsg-1.1 |
| freeradius | freeradius | >= 0 < 3.0.17+dfsg-1.1 | 3.0.17+dfsg-1.1 |
| freeradius | freeradius | >= 0 < 3.0.17+dfsg-1.1 | 3.0.17+dfsg-1.1 |
| redhat | enterprise_linux | — | — |
| w1.fi | hostapd | <= 2.4 | — |
| w1.fi | hostapd | 2.5 – 2.7 | — |
| w1.fi | wpa_supplicant | <= 2.4 | — |
| w1.fi | wpa_supplicant | >= 0 < 2:2.7+git20190128+0c1e29f-4 | 2:2.7+git20190128+0c1e29f-4 |
| w1.fi | wpa_supplicant | >= 0 < 2:2.7+git20190128+0c1e29f-4 | 2:2.7+git20190128+0c1e29f-4 |
| w1.fi | wpa_supplicant | >= 0 < 2:2.7+git20190128+0c1e29f-4 | 2:2.7+git20190128+0c1e29f-4 |
| w1.fi | wpa_supplicant | >= 0 < 2:2.7+git20190128+0c1e29f-4 | 2:2.7+git20190128+0c1e29f-4 |
| w1.fi | wpa_supplicant | >= 0 < 2.1-0ubuntu1.7 | 2.1-0ubuntu1.7 |
| w1.fi | wpa_supplicant | >= 0 < 2.4-0ubuntu6.4 | 2.4-0ubuntu6.4 |
| w1.fi | wpa_supplicant | >= 0 < 2:2.6-15ubuntu2.2 | 2:2.6-15ubuntu2.2 |
| w1.fi | wpa_supplicant | 2.5 – 2.7 | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 8.1 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 9.8 | CRITICAL | — |
| vendor_debian | — | 9.8 | CRITICAL | — |
| vendor_redhat | — | 9.8 | CRITICAL | — |
| vendor_ubuntu | — | 7.5 | HIGH | — |
BSD
FreeBSD-SA-19:03.wpa: Multiple vulnerabilities in hostapd and wpa_supplicant
bsd_advisories·2019-05-14·CVSS 5.9
CVE-2019-11555 [MEDIUM] FreeBSD-SA-19:03.wpa: Multiple vulnerabilities in hostapd and wpa_supplicant
FreeBSD-SA-19:03.wpa Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in hostapd and wpa_supplicant
Category: contrib
Module: wpa
Announced: 2019-05-14
Affects: All supported versions of FreeBSD.
Corrected: 2019-05-01 01:42:38 UTC (stable/12, 12.0-STABLE)
2019-05-14 22:57:29 UTC (releng/12.0, 12.0-RELEASE-p4)
2019-05-01 01:43:17 UTC (stable/11, 11.2-STABLE)
2019-05-14 22:59:32 UTC (releng/11.2, 11.2-RELEASE-p10)
CVE Name: CVE-2019-9494, CVE-2019-9495, CVE-2019-9496, CVE-2019-9497,
CVE-2019-9498, CVE-2019-9499, CVE-2019-11555
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .
I. Background
Wi-Fi Protected Access II (WPA2) is a security protocol deve
Ubuntu
wpa_supplicant and hostapd vulnerabilities
vendor_ubuntu·2019-04-10·CVSS 7.5
CVE-2016-10743 [HIGH] wpa_supplicant and hostapd vulnerabilities
Title: wpa_supplicant and hostapd vulnerabilities
Summary: Several security issues were fixed in wpa_supplicant and hostapd.
It was discovered that wpa_supplicant and hostapd were vulnerable to a
side channel attack against EAP-pwd. A remote attacker could possibly use
this issue to recover certain passwords. (CVE-2019-9495)
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly
validated received scalar and element values in EAP-pwd-Commit messages. A
remote attacker could possibly use this issue to perform a reflection
attack and authenticate without the appropriate password. (CVE-2019-9497,
CVE-2019-9498, CVE-2019-9499)
It was discovered that hostapd incorrectly handled obtaining random
numbers. In rare cases where the urandom device isn't available, it would
fall back
Red Hat
freeradius: eap-pwd: fake authentication using reflection
vendor_redhat·2019-04-10·CVSS 9.8
CVE-2019-11234 [CRITICAL] CWE-287 freeradius: eap-pwd: fake authentication using reflection
freeradius: eap-pwd: fake authentication using reflection
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
Package: freeradius (Red Hat Enterprise Linux 5) - Not affected
Package: freeradius2 (Red Hat Enterprise Linux 5) - Not affected
Package: freeradius (Red Hat Enterprise Linux 6) - Not affected
Red Hat
wpa_supplicant: EAP-pwd server not checking for reflection attack
vendor_redhat·2019-04-10·CVSS 8.1
CVE-2019-9497 [HIGH] CWE-287 wpa_supplicant: EAP-pwd server not checking for reflection attack
wpa_supplicant: EAP-pwd server not checking for reflection attack
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
Statement: This issue did not affect the versions of wpa_supplican
Debian
CVE-2019-11234: freeradius - FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication s...
vendor_debian·2019·CVSS 9.8
CVE-2019-11234 [CRITICAL] CVE-2019-11234: freeradius - FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication s...
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
Scope: local
bookworm: resolved (fixed in 3.0.17+dfsg-1.1)
bullseye: resolved (fixed in 3.0.17+dfsg-1.1)
forky: resolved (fixed in 3.0.17+dfsg-1.1)
sid: resolved (fixed in 3.0.17+dfsg-1.1)
trixie: resolved (fixed in 3.0.17+dfsg-1.1)
Debian
CVE-2019-9497: wpa - The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer...
vendor_debian·2019·CVSS 8.1
CVE-2019-9497 [HIGH] CVE-2019-9497: wpa - The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer...
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
Scope: local
bookworm: resolved (fixed in 2:2.7+git20190128+0c1e29f-4)
bullseye: resolved (fixed in 2:2.7+git20190128+0c1e29f-4)
forky
GHSA
GHSA-vwq6-jpj7-xqvx: FreeRADIUS before 3
ghsa_unreviewed·2022-05-24·CVSS 8.1
CVE-2019-11234 [HIGH] CWE-287 GHSA-vwq6-jpj7-xqvx: FreeRADIUS before 3
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
GHSA
GHSA-fvg7-p9r8-pcrj: The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit
ghsa_unreviewed·2022-05-14
CVE-2019-9497 [HIGH] CWE-287 GHSA-fvg7-p9r8-pcrj: The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
OSV
CVE-2019-11234: FreeRADIUS before 3
osv·2019-04-22·CVSS 9.8
CVE-2019-11234 [CRITICAL] CVE-2019-11234: FreeRADIUS before 3
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
OSV
CVE-2019-9497: The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit
osv·2019-04-17·CVSS 8.1
CVE-2019-9497 [HIGH] CVE-2019-9497: The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
OSV
wpa vulnerabilities
osv·2019-04-10·CVSS 7.5
CVE-2019-9495 [HIGH] wpa vulnerabilities
wpa vulnerabilities
It was discovered that wpa_supplicant and hostapd were vulnerable to a
side channel attack against EAP-pwd. A remote attacker could possibly use
this issue to recover certain passwords. (CVE-2019-9495)
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly
validated received scalar and element values in EAP-pwd-Commit messages. A
remote attacker could possibly use this issue to perform a reflection
attack and authenticate without the appropriate password. (CVE-2019-9497,
CVE-2019-9498, CVE-2019-9499)
It was discovered that hostapd incorrectly handled obtaining random
numbers. In rare cases where the urandom device isn't available, it would
fall back to using a low-quality PRNG. This issue only affected Ubuntu
14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-10
No detection rules found.
No public exploits indexed.
HackerOne
Dragonblood: Design and Implementation Flaws in WPA3 and EAP-pwd
hackerone·2020-05-05·CVSS 9.8
[CRITICAL] Dragonblood: Design and Implementation Flaws in WPA3 and EAP-pwd
Dragonblood: Design and Implementation Flaws in WPA3 and EAP-pwd
Full background information is at [our website](wpa3.mathyvanhoef.com) and detailed information can be found in our [research paper](https://eprint.iacr.org/2019/383).
# Vulnerability Summary
## First Disclosure
Summarized, the Dragonfly handshake of WPA3 and EAP-pwd is supposed to prevent dictionary attacks. However, we discovered design flaws that still enable an adversary to perform dictionary attacks. In particular, we discovered the following design flaws in WPA3 and EAP-pwd:
- Against EAP-pwd, a timing leak exists for all supported elliptic curves. An adversary within range of the victim can induce clients to connect to the adversary's Access Point (AP) and exploit this timing leak. The leaked information can be use
Bugzilla
CVE-2019-9497 wpa_supplicant: EAP-pwd server not checking for reflection attack
bugzilla·2019-04-12·CVSS 8.1
CVE-2019-9497 [HIGH] CVE-2019-9497 wpa_supplicant: EAP-pwd server not checking for reflection attack
CVE-2019-9497 wpa_supplicant: EAP-pwd server not checking for reflection attack
A reflection attack is possible against the EAP-pwd server since the hostapd EAP server did not verify that the EAP-pwd-Commit contains scalar/element values that differ from the ones the server sent out itself. This allows the attacker to complete EAP-pwd authentication without knowing the password, but this does not result in the attacker being able to derive the session key (MSK), i.e., the attacker would not be able to complete the following key exchange (e.g., 4-way handshake in RSN/WPA).
References:
https://wpa3.mathyvanhoef.com/
https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
Upstream Patch:
https://w1.fi/cgit/hostap/commit/?id=d63edfa90243e9a7de6ae5c275032f2cc79fef95
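As an added example (not code from hostapd, wpa_supplicant or any advisory quoted here), this is the commit validation the Bugzilla entry above describes, in Python: a server rejects a peer EAP-pwd-Commit that echoes back its own scalar or element, and applies the EC point sanity checks that the description says a crypto library may or may not do for you. The P-256 domain parameters are the public NIST constants; the byte layout (element x||y followed by scalar, fixed-width big-endian) and the sample values are assumptions made for illustration.

```python
# Added example, not hostapd/wpa_supplicant code. Public NIST P-256 constants.
P256_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
P256_A = P256_P - 3
P256_B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
P256_N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
P256_G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
          0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
FIELD_LEN = 32  # bytes per coordinate and per scalar for P-256


def parse_commit(payload: bytes):
    """Split a commit body into (scalar, (x, y)).

    Layout assumed here: Element as x||y, then Scalar, all fixed-width
    big-endian fields. Raises ValueError on a wrong length."""
    if len(payload) != 3 * FIELD_LEN:
        raise ValueError("bad EAP-pwd-Commit length")
    x = int.from_bytes(payload[:FIELD_LEN], "big")
    y = int.from_bytes(payload[FIELD_LEN:2 * FIELD_LEN], "big")
    scalar = int.from_bytes(payload[2 * FIELD_LEN:], "big")
    return scalar, (x, y)


def encode_commit(scalar, element) -> bytes:
    """Inverse of parse_commit; used to build constructed sample messages."""
    x, y = element
    return (x.to_bytes(FIELD_LEN, "big") + y.to_bytes(FIELD_LEN, "big")
            + scalar.to_bytes(FIELD_LEN, "big"))


def on_curve(point) -> bool:
    """True if (x, y) is reduced mod p and satisfies y^2 = x^3 + ax + b."""
    x, y = point
    if not (0 <= x < P256_P and 0 <= y < P256_P):
        return False
    return (y * y - (x * x * x + P256_A * x + P256_B)) % P256_P == 0


def validate_commit(peer_scalar, peer_element, own_scalar, own_element):
    """Return (accepted, reason) for a peer commit, given the values we sent."""
    # Scalar must lie in [2, q-1]; 0 and 1 are degenerate choices.
    if not 1 < peer_scalar < P256_N:
        return False, "scalar out of range"
    # Element must be a genuine curve point (the "EC point checks" the
    # advisory says a crypto library may or may not perform for you).
    if not on_curve(peer_element):
        return False, "element not on curve"
    # The check that was missing in CVE-2019-9497: a peer that simply echoes
    # our own scalar or element back must not be allowed to proceed.
    if peer_scalar == own_scalar or peer_element == own_element:
        return False, "commit reflects server's own values"
    return True, "ok"
```

Affine coordinates cannot express the point at infinity, so an all-zero element fails the on-curve test rather than needing a separate identity check.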
Bugzilla
CVE-2019-9497 hostapd: wpa_supplicant: EAP-pwd server not checking for reflection attack [fedora-all]
bugzilla·2019-04-12·CVSS 8.1
CVE-2019-9497 [HIGH] CVE-2019-9497 hostapd: wpa_supplicant: EAP-pwd server not checking for reflection attack [fedora-all]
CVE-2019-9497 hostapd: wpa_supplicant: EAP-pwd server not checking for reflection attack [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects mul
Bugzilla
CVE-2019-9497 hostapd: wpa_supplicant: EAP-pwd server not checking for reflection attack [epel-all]
bugzilla·2019-04-12·CVSS 8.1
CVE-2019-9497 [HIGH] CVE-2019-9497 hostapd: wpa_supplicant: EAP-pwd server not checking for reflection attack [epel-all]
CVE-2019-9497 hostapd: wpa_supplicant: EAP-pwd server not checking for reflection attack [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multipl
arXiv
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware
arxiv_fulltext·2022-12-29
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware
## Abstract
Currently, the development of IoT firmware heavily depends on third-party components (TPCs) to improve development efficiency. Nevertheless, TPCs are not secure, and the vulnerabilities in TPCs will influence the security of IoT firmware. Existing works pay less attention to the vulnerabilities caused by TPCs, and we still lack a comprehensive understanding of the security impact of TPC vulnerability against firmware. To fill in the knowledge gap, we design and implement , which leverages syntactical features and control-flow graph features to detect the TPCs in firmware, and then recognizes the corresponding vulnerabilities. Based on , we present the first l
References
- http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html
- http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html
- https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/
- https://seclists.org/bugtraq/2019/May/40
- https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc
- https://w1.fi/security/2019-4/
- https://www.synology.com/security/advisory/Synology_SA_19_16