Security update for wpa_supplicant SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:0813-1 Final 1 1 2015-04-24T07:42:54Z current 2015-04-24T07:42:54Z 2015-04-24T07:42:54Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wpa_supplicant The wireless network encryption and authentication daemon wpa_supplicant was updated to fix a security issue. The following vulnerability was fixed: * CVE-2015-1863: A buffer overflow in handling SSIDs in P2P management frames allowed attackers in radio range to crash, expose memory content or potentially execute arbitrary code. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2015-05/msg00000.html E-Mail link for openSUSE-SU-2015:0813-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings wpa_supplicant-2.0-3.11.1 wpa_supplicant-gui-2.0-3.11.1 Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (crash), read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries. CVE-2015-1863 moderate 3.2 AV:A/AC:H/Au:N/C:N/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-05/msg00000.html https://www.suse.com/security/cve/CVE-2015-1863.html CVE-2015-1863 https://bugzilla.suse.com/915323 SUSE Bug 915323 https://bugzilla.suse.com/927558 SUSE Bug 927558