Unrated severityNVD Advisory· Published Jun 15, 2015· Updated May 6, 2026

CVE-2015-4141

Description

The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.

Affected products

W1.fi/Hostapd11 versions
cpe:2.3:a:w1.fi:hostapd:0.7.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:w1.fi:hostapd:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*
W1.fi/Wpa Supplicant11 versions
cpe:2.3:a:w1.fi:wpa_supplicant:0.7.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:w1.fi:wpa_supplicant:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*
OpenSUSE/openSUSE2 versions
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-updates/2015-06/msg00019.htmlnvdThird Party Advisory
w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txtnvdVendor Advisory
security.gentoo.org/glsa/201606-17nvdThird Party Advisory
www.openwall.com/lists/oss-security/2015/05/09/4nvdMailing List
www.openwall.com/lists/oss-security/2015/05/31/6nvdMailing List
www.debian.org/security/2015/dsa-3397nvd
www.ubuntu.com/usn/USN-2650-1nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000