Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2025-02-20 11:03:03 -05:00
Code Issues Projects Releases Wiki Activity
fragattacks/src
History
Jouni Malinen 8057821706 EAP-pwd peer: Fix last fragment length validation 
All but the last fragment had their length checked against the remaining
room in the reassembly buffer. This allowed a suitably constructed last
fragment frame to try to add extra data that would go beyond the buffer.
The length validation code in wpabuf_put_data() prevents an actual
buffer write overflow from occurring, but this results in process
termination. (CVE-2015-5315)

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-10 18:40:54 +02:00
..
ap
eap_sim_db: Implement eap_sim_db_expire_pending()
2015-10-31 16:28:16 +02:00
common
Use "STATUS-NO_EVENTS" instead of "STATUS" in get_wpa_status function
2015-11-01 21:05:10 +02:00
crypto
TLS: Fix memory leak with multiple TLS server instances
2015-10-31 18:15:22 +02:00
drivers
privsep: Avoid undefined behavior in pointer arithmetic
2015-10-25 19:37:16 +02:00
eap_common
EAP-pwd: Add support for Brainpool Elliptic Curves
2015-11-01 11:29:06 +02:00
eap_peer
EAP-pwd peer: Fix last fragment length validation
2015-11-10 18:40:54 +02:00
eap_server
eap_sim_db: Implement eap_sim_db_expire_pending()
2015-10-31 16:28:16 +02:00
eapol_auth
Remove unreachable PMKSA cache entry addition on Access-Accept
2015-10-14 18:43:26 +03:00
eapol_supp
Add build option to remove all internal RC4 uses
2015-08-02 16:52:56 +03:00
fst
FST: Mark fst_ies buffer const
2015-08-03 17:40:30 +03:00
l2_packet
l2_packet: Add build option to disable Linux packet socket workaround
2015-10-25 19:56:53 +02:00
p2p
P2P: Filter control chars in group client device name similarly to peer
2015-10-26 23:43:45 +02:00
pae
MACsec: Update protect frames and replay on reauthentication
2014-12-09 16:56:10 +02:00
radius
RADIUS: Avoid undefined behavior in pointer arithmetic
2015-10-25 15:34:59 +02:00
rsn_supp
wpa_supplicant: Add GTK RSC relaxation workaround
2015-11-01 21:00:22 +02:00
tls
TLS: Avoid undefined behavior in pointer arithmetic
2015-10-25 15:34:59 +02:00
utils
Do not write ERROR level log entries if debug file is not used
2015-10-25 20:45:02 +02:00
wps
WPS: Avoid undefined behavior in pointer arithmetic
2015-10-18 11:37:47 +03:00
lib.rules
Add QUIET=1 option for make
2014-12-29 15:49:05 +02:00
Makefile
FST: Add the Fast Session Transfer (FST) module
2015-07-16 18:26:15 +03:00