Intel Inet Wireless Daemon vulnerabilities

CVE-2024-28084 [HIGH] CWE-665 CVE-2024-28084: p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service ( p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails.

CVE-2023-52161 [HIGH] CWE-287 CVE-2023-52161: The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) bef The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key.

CVE-2020-8689 [MEDIUM] CVE-2020-8689: Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow a Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

CVE-2020-17497 [HIGH] CVE-2020-17497: eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to trigger a PTK reinstallation b eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4.