packages/wpa_supplicant
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!73 [sync] PR-68: fix CVE-2024-5290

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
This commit is contained in:
openeuler-ci-bot 2024-09-05 09:11:56 +00:00 committed by Gitee
commit c055338190
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
backport-CVE-2024-5290.patch Normal file
View File

@ -0,0 +1,34 @@
https://github.com/deepin-community/wpa/commit/512af510f0ae65392ff128008252fa37fbafa26b
Description: slow certification.
When using PEAP certification, the server may use Identity's Request message
as a heartbeat; there will be many clients on the Internet to send address
01: 80: C2: 00: 03 Identity's Response message as a heartbeat; at this time
When a client is broken and reconnect, it is easy to receive this message,
resulting in triggering restart of EAPOL authentication, resulting in a slow
authentication. So Ignore the response message in the Connecting state.
Author: xinpeng wang <wangxinpeng@uniontech.com>
Origin: https://gerrit.uniontech.com/plugins/gitiles/base/wpa/+/accd188752a1b2656a92dabca48616cb9889f386
Bug: https://pms.uniontech.com/zentao/bug-view-105383.html
Last-Update: 2022-05-19
--- wpa-2.10.orig/src/eapol_supp/eapol_supp_sm.c
+++ wpa-2.10/src/eapol_supp/eapol_supp_sm.c
@@ -1357,6 +1357,15 @@ int eapol_sm_rx_eapol(struct eapol_sm *s
break;
}
}
+ {
+ const struct eap_hdr *ehdr =
+ (const struct eap_hdr *) (hdr + 1);
+ if (plen >= sizeof(*ehdr) && ehdr->code == EAP_CODE_RESPONSE &&
+ sm->SUPP_PAE_state == SUPP_PAE_CONNECTING) {
+ wpa_printf(MSG_DEBUG, "EAPOL: Ignore EAP packet with response when connecting workaround %d",sm->conf.workaround);
+ break;
+ }
+ }
if (sm->cached_pmk) {
/* Trying to use PMKSA caching, but Authenticator did

9
wpa_supplicant.spec
View File

@ -1,7 +1,7 @@
Name: wpa_supplicant
Epoch: 1
Version: 2.6
Release: 31
Release: 32
Summary: A WPA Supplicant with support for WPA and WPA2 (IEEE 802.11i / RSN)
License: BSD or GPLv2
Url: https://w1.fi/wpa_supplicant/
@ -107,6 +107,7 @@ Patch90: backport-0002-CVE-2022-23303-CVE-2022-23304.patch
Patch91: backport-0003-CVE-2022-23303-CVE-2022-23304.patch
Patch92: backport-0004-CVE-2022-23303-CVE-2022-23304.patch
Patch93: CVE-2023-52160.patch
Patch94: backport-CVE-2024-5290.patch
BuildRequires: qt-devel >= 4.0 openssl-devel readline-devel dbus-devel libnl3-devel systemd-units docbook-utils
Requires(post): systemd-sysv
@ -200,6 +201,12 @@ install -m644 %{name}/doc/docbook/*.5 %{buildroot}%{_mandir}/man5
%{_mandir}/man5/*
%changelog
* Fri Aug 09 2024 zhangxianting <zhangxianting@uniontech.com> - 1:2.6-32
- Type:cves
- ID:CVE-2024-5290
- SUG:NA
- DESC:fix CVE-2024-5290
* Thu Apr 25 2024 dillon chen <dillon.chen@gmail.com> - 1:2.6-31
- Type:cves
- ID:CVE-2023-52160