Synopsis
Moderate: wpa_supplicant security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for wpa_supplicant is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver.
Security Fix(es):
- wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant (CVE-2018-14526)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.
Affected Products
-
Red Hat Enterprise Linux Server 7 x86_64
-
Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
-
Red Hat Enterprise Linux Workstation 7 x86_64
-
Red Hat Enterprise Linux Desktop 7 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 7 s390x
-
Red Hat Enterprise Linux for Power, big endian 7 ppc64
-
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
-
Red Hat Enterprise Linux for Power, little endian 7 ppc64le
-
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
-
Red Hat Enterprise Linux for ARM 64 7 aarch64
-
Red Hat Enterprise Linux for Power 9 7 ppc64le
-
Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x
-
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
-
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le
Fixes
-
BZ - 1434434
- wpa_supplicant is responding to packets which are not destined for it.
-
BZ - 1490885
- NetworkManager's mac randomization can lead into MSK mismatch with hostapd and 802.1x
-
BZ - 1614520
- CVE-2018-14526 wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| x86_64 |
|
wpa_supplicant-2.6-12.el7.x86_64.rpm
|
SHA-256: a61dcf3c31bc66497c86d007870305008e2ab6d11fc6a570af179afa19bfcbc2 |
|
wpa_supplicant-debuginfo-2.6-12.el7.x86_64.rpm
|
SHA-256: a99c0944f1fced2fe3359b279e8ed6013eb5caa4552f2a7eb226ce4fd66cd263 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| x86_64 |
|
wpa_supplicant-2.6-12.el7.x86_64.rpm
|
SHA-256: a61dcf3c31bc66497c86d007870305008e2ab6d11fc6a570af179afa19bfcbc2 |
|
wpa_supplicant-debuginfo-2.6-12.el7.x86_64.rpm
|
SHA-256: a99c0944f1fced2fe3359b279e8ed6013eb5caa4552f2a7eb226ce4fd66cd263 |
Red Hat Enterprise Linux Workstation 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| x86_64 |
|
wpa_supplicant-2.6-12.el7.x86_64.rpm
|
SHA-256: a61dcf3c31bc66497c86d007870305008e2ab6d11fc6a570af179afa19bfcbc2 |
|
wpa_supplicant-debuginfo-2.6-12.el7.x86_64.rpm
|
SHA-256: a99c0944f1fced2fe3359b279e8ed6013eb5caa4552f2a7eb226ce4fd66cd263 |
Red Hat Enterprise Linux Desktop 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| x86_64 |
|
wpa_supplicant-2.6-12.el7.x86_64.rpm
|
SHA-256: a61dcf3c31bc66497c86d007870305008e2ab6d11fc6a570af179afa19bfcbc2 |
|
wpa_supplicant-debuginfo-2.6-12.el7.x86_64.rpm
|
SHA-256: a99c0944f1fced2fe3359b279e8ed6013eb5caa4552f2a7eb226ce4fd66cd263 |
Red Hat Enterprise Linux for IBM z Systems 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| s390x |
|
wpa_supplicant-2.6-12.el7.s390x.rpm
|
SHA-256: fdcefbc7cf164c3beac1d1b899f095c0893dfbcd5516e501cfae880ede862341 |
|
wpa_supplicant-debuginfo-2.6-12.el7.s390x.rpm
|
SHA-256: 80c45ad55f1d48e80ca8d478cf36717492d6bacb3322b8e2277bf8c7a4d14c13 |
Red Hat Enterprise Linux for Power, big endian 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| ppc64 |
|
wpa_supplicant-2.6-12.el7.ppc64.rpm
|
SHA-256: 499ff924649e7a70c49f22b722b5fe11400a75462a0b0fd51fbe71d09f710399 |
|
wpa_supplicant-debuginfo-2.6-12.el7.ppc64.rpm
|
SHA-256: 29eba533435998742b501915435c186bb11c41ca03cb4234232fbc55e3651fe1 |
Red Hat Enterprise Linux for Scientific Computing 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| x86_64 |
|
wpa_supplicant-2.6-12.el7.x86_64.rpm
|
SHA-256: a61dcf3c31bc66497c86d007870305008e2ab6d11fc6a570af179afa19bfcbc2 |
|
wpa_supplicant-debuginfo-2.6-12.el7.x86_64.rpm
|
SHA-256: a99c0944f1fced2fe3359b279e8ed6013eb5caa4552f2a7eb226ce4fd66cd263 |
Red Hat Enterprise Linux for Power, little endian 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| ppc64le |
|
wpa_supplicant-2.6-12.el7.ppc64le.rpm
|
SHA-256: a16457ce2379ba1c12e4f2a8afa7fc4d8dbc42cb68b37c064e5886421de21f95 |
|
wpa_supplicant-debuginfo-2.6-12.el7.ppc64le.rpm
|
SHA-256: f218385041853bdefff31b814101c3fc69c60171949749f9dee1222291f48b97 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| s390x |
|
wpa_supplicant-2.6-12.el7.s390x.rpm
|
SHA-256: fdcefbc7cf164c3beac1d1b899f095c0893dfbcd5516e501cfae880ede862341 |
|
wpa_supplicant-debuginfo-2.6-12.el7.s390x.rpm
|
SHA-256: 80c45ad55f1d48e80ca8d478cf36717492d6bacb3322b8e2277bf8c7a4d14c13 |
Red Hat Enterprise Linux for ARM 64 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| aarch64 |
|
wpa_supplicant-2.6-12.el7.aarch64.rpm
|
SHA-256: 32f7ae27de74702af59a15e68e1d5944e4071aad137ed5b42b46fc9bfce93a59 |
|
wpa_supplicant-debuginfo-2.6-12.el7.aarch64.rpm
|
SHA-256: 73127dfe69b6a9eb7f8aea413d2cd6e9c7ae866eba6a8149c6e5f6cb9fb5b1eb |
Red Hat Enterprise Linux for Power 9 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| ppc64le |
|
wpa_supplicant-2.6-12.el7.ppc64le.rpm
|
SHA-256: a16457ce2379ba1c12e4f2a8afa7fc4d8dbc42cb68b37c064e5886421de21f95 |
|
wpa_supplicant-debuginfo-2.6-12.el7.ppc64le.rpm
|
SHA-256: f218385041853bdefff31b814101c3fc69c60171949749f9dee1222291f48b97 |
Red Hat Enterprise Linux for IBM System z (Structure A) 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| s390x |
|
wpa_supplicant-2.6-12.el7.s390x.rpm
|
SHA-256: fdcefbc7cf164c3beac1d1b899f095c0893dfbcd5516e501cfae880ede862341 |
|
wpa_supplicant-debuginfo-2.6-12.el7.s390x.rpm
|
SHA-256: 80c45ad55f1d48e80ca8d478cf36717492d6bacb3322b8e2277bf8c7a4d14c13 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| ppc64 |
|
wpa_supplicant-2.6-12.el7.ppc64.rpm
|
SHA-256: 499ff924649e7a70c49f22b722b5fe11400a75462a0b0fd51fbe71d09f710399 |
|
wpa_supplicant-debuginfo-2.6-12.el7.ppc64.rpm
|
SHA-256: 29eba533435998742b501915435c186bb11c41ca03cb4234232fbc55e3651fe1 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7
| SRPM |
|
wpa_supplicant-2.6-12.el7.src.rpm
|
SHA-256: 2a9c47b5d896668b17bc3470f0ca77e94c0358de40c7f975afcadb2f308724fe |
| ppc64le |
|
wpa_supplicant-2.6-12.el7.ppc64le.rpm
|
SHA-256: a16457ce2379ba1c12e4f2a8afa7fc4d8dbc42cb68b37c064e5886421de21f95 |
|
wpa_supplicant-debuginfo-2.6-12.el7.ppc64le.rpm
|
SHA-256: f218385041853bdefff31b814101c3fc69c60171949749f9dee1222291f48b97 |
