검색

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

7.231. wpa_supplicant

download PDF
An updated wpa_supplicant package that fixes one security issue and adds one enhancement is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
The wpa_supplicant package contains an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. It implements key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver.

Security Fix

CVE-2015-4142
An integer underflow flaw, leading to a buffer over-read, was found in the way wpa_supplicant handled WMM Action frames. A specially crafted frame could possibly allow an attacker within Wi-Fi radio range to cause wpa_supplicant to crash.

Enhancement

BZ#1186806
Prior to this update, wpa_supplicant did not provide a way to require the host name to be listed in an X.509 certificate's Common Name or Subject Alternative Name, and only allowed host name suffix or subject substring checks. This update introduces a new configuration directive, 'domain_match', which adds a full host name check.
All wpa_supplicant users are advised to upgrade to this updated package, which contains a backported patch to correct this issue and adds this enhancement. After installing this update, the wpa_supplicant service will be restarted automatically.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.