8.8 HIGH
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
An issue was discovered in Ubuntu wpa_supplicant that resulted in …
An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpa_supplicant runs as (usually root). Membership in the netdev group or access to the dbus interface of wpa_supplicant allow an unprivileged user to specify an arbitrary path to a module to be loaded by the wpa_supplicant process; other escalation paths might exist.
References
- https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/2067613
- https://ubuntu.com/security/notices/USN-6945-1
- https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/2067613
- https://snyk.io/blog/abusing-ubuntu-root-privilege-escalation/
- https://ubuntu.com/security/notices/USN-6945-1
- https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/2067613
- https://snyk.io/blog/abusing-ubuntu-root-privilege-escalation/
- https://ubuntu.com/security/notices/USN-6945-1
Affected products
- <2:2.6-15ubuntu2.8+esm1
- <2:2.10-21ubuntu0.1
- <2.4-0ubuntu6.8+esm1
- <2:2.9-1ubuntu4.4
- <2:2.10-6ubuntu2.1
- <2.1-0ubuntu1.7+esm5
- <2:2.6-15ubuntu2.8+esm1
- <2:2.10-21ubuntu0.1
- <2.4-0ubuntu6.8+esm1
- <2:2.9-1ubuntu4.4
- <2:2.10-6ubuntu2.1
- <2.1-0ubuntu1.7+esm5
Matching in nixpkgs
pkgs.cowpatty
Offline dictionary attack against WPA/WPA2 networks
-
nixos-unstable -
- nixpkgs-unstable 4.8
pkgs.vowpal-wabbit
Machine learning system focused on online reinforcement learning
-
nixos-unstable -
- nixpkgs-unstable 9.10.0
pkgs.wpa_supplicant_gui
Qt-based GUI for wpa_supplicant
-
nixos-unstable -
- nixpkgs-unstable 2.11
pkgs.wpa_supplicant_ro_ssids
Tool for connecting to WPA and WPA2-protected wireless networks
-
nixos-unstable -
- nixpkgs-unstable 2.11
pkgs.python312Packages.vowpalwabbit
Vowpal Wabbit is a fast machine learning library for online learning, and this is the python wrapper for the project
-
nixos-unstable -
- nixpkgs-unstable 9.10.0
pkgs.python313Packages.vowpalwabbit
Vowpal Wabbit is a fast machine learning library for online learning, and this is the python wrapper for the project
-
nixos-unstable -
- nixpkgs-unstable 9.10.0
pkgs.python312Packages.mwparserfromhell
MWParserFromHell is a parser for MediaWiki wikicode
-
nixos-unstable -
- nixpkgs-unstable 0.7.2
pkgs.python313Packages.mwparserfromhell
MWParserFromHell is a parser for MediaWiki wikicode
-
nixos-unstable -
- nixpkgs-unstable 0.7.2
pkgs.vscode-extensions.twpayne.vscode-testscript
Syntax highlighting support for testscript
-
nixos-unstable -
- nixpkgs-unstable 0.0.7
Package maintainers
-
@nico202 Nicolò Balzarotti <anothersms@gmail.com>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
-
@mattmelling Matt Melling <mattmelling@fastmail.com>
-
@teh Tom Hunger <tehunger@gmail.com>
-
@jackgerrits Jack Gerrits <jack@jackgerrits.com>
-
@MarcWeber Marc Weber <marco-oweber@gmx.de>
-
@Ma27 Maximilian Bosch <maximilian@mbosch.me>
-
@DPDmancul Davide Peressoni <davide.peressoni@tuta.io>
-
@fsnkty fsnkty <fsnkty@shimeji.cafe>