OESA-2024-2142
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-2142
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2024-2142.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2024-2142
- Upstream
- Published
- 2024-09-14T11:09:08Z
- Modified
- 2025-09-03T06:20:37.472512Z
- Summary
- wpa_supplicant security update
- Details
-
wpa_supplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver.
Security Fix(es):
An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as (usually root).
Membership in the netdev group or access to the dbus interface of wpasupplicant allow an unprivileged user to specify an arbitrary path to a module to be loaded by the wpasupplicant process; other escalation paths might exist.(CVE-2024-5290)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:20.03-LTS-SP4
wpa_supplicant
Package
- Name
- wpa_supplicant
- Purl
- pkg:rpm/openEuler/wpa_supplicant&distro=openEuler-20.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.6-32.oe2003sp4
Ecosystem specific
{
"src": [
"wpa_supplicant-2.6-32.oe2003sp4.src.rpm"
],
"aarch64": [
"wpa_supplicant-2.6-32.oe2003sp4.aarch64.rpm",
"wpa_supplicant-debuginfo-2.6-32.oe2003sp4.aarch64.rpm",
"wpa_supplicant-debugsource-2.6-32.oe2003sp4.aarch64.rpm",
"wpa_supplicant-gui-2.6-32.oe2003sp4.aarch64.rpm",
"wpa_supplicant-help-2.6-32.oe2003sp4.aarch64.rpm"
],
"x86_64": [
"wpa_supplicant-2.6-32.oe2003sp4.x86_64.rpm",
"wpa_supplicant-debuginfo-2.6-32.oe2003sp4.x86_64.rpm",
"wpa_supplicant-debugsource-2.6-32.oe2003sp4.x86_64.rpm",
"wpa_supplicant-gui-2.6-32.oe2003sp4.x86_64.rpm",
"wpa_supplicant-help-2.6-32.oe2003sp4.x86_64.rpm"
]
}openEuler:22.03-LTS-SP1
wpa_supplicant
Package
- Name
- wpa_supplicant
- Purl
- pkg:rpm/openEuler/wpa_supplicant&distro=openEuler-22.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.6-32.oe2203sp1
Ecosystem specific
{
"src": [
"wpa_supplicant-2.6-32.oe2203sp1.src.rpm"
],
"aarch64": [
"wpa_supplicant-2.6-32.oe2203sp1.aarch64.rpm",
"wpa_supplicant-debuginfo-2.6-32.oe2203sp1.aarch64.rpm",
"wpa_supplicant-debugsource-2.6-32.oe2203sp1.aarch64.rpm",
"wpa_supplicant-gui-2.6-32.oe2203sp1.aarch64.rpm",
"wpa_supplicant-help-2.6-32.oe2203sp1.aarch64.rpm"
],
"x86_64": [
"wpa_supplicant-2.6-32.oe2203sp1.x86_64.rpm",
"wpa_supplicant-debuginfo-2.6-32.oe2203sp1.x86_64.rpm",
"wpa_supplicant-debugsource-2.6-32.oe2203sp1.x86_64.rpm",
"wpa_supplicant-gui-2.6-32.oe2203sp1.x86_64.rpm",
"wpa_supplicant-help-2.6-32.oe2203sp1.x86_64.rpm"
]
}openEuler:22.03-LTS-SP3
wpa_supplicant
Package
- Name
- wpa_supplicant
- Purl
- pkg:rpm/openEuler/wpa_supplicant&distro=openEuler-22.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.6-32.oe2203sp3
Ecosystem specific
{
"src": [
"wpa_supplicant-2.6-32.oe2203sp3.src.rpm"
],
"aarch64": [
"wpa_supplicant-2.6-32.oe2203sp3.aarch64.rpm",
"wpa_supplicant-debuginfo-2.6-32.oe2203sp3.aarch64.rpm",
"wpa_supplicant-debugsource-2.6-32.oe2203sp3.aarch64.rpm",
"wpa_supplicant-gui-2.6-32.oe2203sp3.aarch64.rpm",
"wpa_supplicant-help-2.6-32.oe2203sp3.aarch64.rpm"
],
"x86_64": [
"wpa_supplicant-2.6-32.oe2203sp3.x86_64.rpm",
"wpa_supplicant-debuginfo-2.6-32.oe2203sp3.x86_64.rpm",
"wpa_supplicant-debugsource-2.6-32.oe2203sp3.x86_64.rpm",
"wpa_supplicant-gui-2.6-32.oe2203sp3.x86_64.rpm",
"wpa_supplicant-help-2.6-32.oe2203sp3.x86_64.rpm"
]
}openEuler:22.03-LTS-SP4
wpa_supplicant
Package
- Name
- wpa_supplicant
- Purl
- pkg:rpm/openEuler/wpa_supplicant&distro=openEuler-22.03-LTS-SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.6-32.oe2203sp4
Ecosystem specific
{
"src": [
"wpa_supplicant-2.6-32.oe2203sp4.src.rpm"
],
"aarch64": [
"wpa_supplicant-2.6-32.oe2203sp4.aarch64.rpm",
"wpa_supplicant-debuginfo-2.6-32.oe2203sp4.aarch64.rpm",
"wpa_supplicant-debugsource-2.6-32.oe2203sp4.aarch64.rpm",
"wpa_supplicant-gui-2.6-32.oe2203sp4.aarch64.rpm",
"wpa_supplicant-help-2.6-32.oe2203sp4.aarch64.rpm"
],
"x86_64": [
"wpa_supplicant-2.6-32.oe2203sp4.x86_64.rpm",
"wpa_supplicant-debuginfo-2.6-32.oe2203sp4.x86_64.rpm",
"wpa_supplicant-debugsource-2.6-32.oe2203sp4.x86_64.rpm",
"wpa_supplicant-gui-2.6-32.oe2203sp4.x86_64.rpm",
"wpa_supplicant-help-2.6-32.oe2203sp4.x86_64.rpm"
]
}openEuler:24.03-LTS
wpa_supplicant
Package
- Name
- wpa_supplicant
- Purl
- pkg:rpm/openEuler/wpa_supplicant&distro=openEuler-24.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.10-7.oe2403
Ecosystem specific
{
"src": [
"wpa_supplicant-2.10-7.oe2403.src.rpm"
],
"aarch64": [
"wpa_supplicant-2.10-7.oe2403.aarch64.rpm",
"wpa_supplicant-debuginfo-2.10-7.oe2403.aarch64.rpm",
"wpa_supplicant-debugsource-2.10-7.oe2403.aarch64.rpm",
"wpa_supplicant-gui-2.10-7.oe2403.aarch64.rpm",
"wpa_supplicant-help-2.10-7.oe2403.aarch64.rpm"
],
"x86_64": [
"wpa_supplicant-2.10-7.oe2403.x86_64.rpm",
"wpa_supplicant-debuginfo-2.10-7.oe2403.x86_64.rpm",
"wpa_supplicant-debugsource-2.10-7.oe2403.x86_64.rpm",
"wpa_supplicant-gui-2.10-7.oe2403.x86_64.rpm",
"wpa_supplicant-help-2.10-7.oe2403.x86_64.rpm"
]
}