[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request: NetworkManager creates an open network when asked to create an adhoc
From: Yves-Alexis Perez <corsac () debian ! org>
Date: 2012-06-15 5:43:19
Message-ID: 1339738999.10233.23.camel () scapa
[Download RAW message or body]
On jeu., 2012-06-14 at 22:52 -0600, Kurt Seifried wrote:
> On 06/14/2012 10:28 PM, Huzaifa Sidhpurwala wrote:
> > Hi All,
> >
> > In NetworkManager, when a new wireless network was created with
> > WPA/WPA2 security, it created an open/insecure network. From the
> > commit, it seems the bug exists in the kernel.
> >
> > Reference: https://bugzilla.redhat.com/show_bug.cgi?id=782627
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655972
> > http://cgit.freedesktop.org/NetworkManager/NetworkManager/commi/?id=69247a00eacd00617acbf1dfcee8497437b8ad39
> >
> > The patch disables WPA adhoc networks completely untill a better
> > solution is found.
> >
> > Can a CVE id be please assigned to this issue?
>
> Please use CVE-2012-2736 for this issue.
>
>
And shouldn't something been done on the kernel part? I'm not sure how
it behaves but if it silently create an open ad-hoc connection while it
was requested a wpa one by the application, that looks like something
warranting a CVE too.
Regards,
--
Yves-Alexis
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic