CVE-2024-5290Uncontrolled Search Path Element in LTD WPA Supplicant

CWE-427Uncontrolled Search Path Element8 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.3%
top 46.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Canonical LTD WPA SupplicantDebian WPA
Timeline
PublishedAug 7
Latest updateDec 6

Description

An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpa_supplicant runs as (usually root). Membership in the netdev group or access to the dbus interface of wpa_supplicant allow an unprivileged user to specify an arbitrary path to a module to be loaded by the wpa_supplicant process; other escalation paths might exist.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

debiandebian/wpa< wpa 2:2.10-12+deb12u2 (bookworm)
CVEListV5canonical_ltd/wpa_supplicant2:2.10-152:2.10-21ubuntu0.1+5
Debiancanonical_ltd/wpa_supplicant< 2:2.9.0-21+deb11u2+3

🔴Vulnerability Details

2
GHSA
GHSA-c2m5-cmpw-rjcx: An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to e2024-08-07
OSV
CVE-2024-5290: An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to e2024-08-07

📋Vendor Advisories

3
Red Hat
wpa_supplicant: wpa_supplicant loading arbitrary shared objects allowing privilege escalation2024-08-07
Ubuntu
wpa_supplicant and hostapd vulnerability2024-08-06
Debian
CVE-2024-5290: wpa - An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arb...2024

🕵️Threat Intelligence

2
Securelist
Exploits and vulnerabilities in Q3 20242024-12-06
Securelist
Analyzing the vulnerability landscape in Q3 20242024-12-06