Re: CVE Request: NetworkManager creates an open network when asked to create an adhoc-WPA network

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/14/2012 10:28 PM, Huzaifa Sidhpurwala wrote:
> Hi All,
>
> In NetworkManager, when a new wireless network was created with 
> WPA/WPA2 security, it created an open/insecure network. From the
> commit, it seems the bug exists in the kernel.
>
> Reference: https://bugzilla.redhat.com/show_bug.cgi?id=782627 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655972 
> http://cgit.freedesktop.org/NetworkManager/NetworkManager/commi/?id=69247a00eacd00617acbf1dfcee8497437b8ad39
>
>  The patch disables WPA adhoc networks completely untill a better 
> solution is found.
>
> Can a CVE id be please assigned to this issue?

Please use CVE-2012-2736 for this issue.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJP2r+CAAoJEBYNRVNeJnmTEVQQAIpgUZ32ZsM02zM9mdQliKmT
EIT3pUU1mWit++/4PXvm34HH8Hy/p06nvhfxyBib42hNfuFCd+8+i+oe2c6wrcAq
QAVNjS7FXoGdTQMh1zXeTlIz4vi7f7181iGLhXKkCcwpuXvn9vyKgU4GFIqb/Gcr
FYUbBR0KXX+5cwyUNuhoxOAzo4ruPiEFqmbHUFzTJgXBdelF8GZyH0YuuhJCZ5Fw
OQh8QZ36/B4uMoFVeN6igUderHem0+dShEtCzE5qGtH1dVINJvHzTlzd+l6x5SpF
At+YdnK8s/osj8aXdmwIMfJnQ4gIF+/r78BM2tJt1KVOqyAArk+nU64/ElawpTMF
gdLlDDSDkIqlpOPB57e880ADHlYJ4uAUs418vI3m41/vjEH7DE+9QfIqa7emAX20
GNICJHbk9KWYf3990sX+IVfSeDOSLjKFcn7MgyQNnRrV13ZFd72aqMr5w8Da/Z0N
tuqAWPQYejZ1RB9Vq5wm8AFO1vE9YpDzLLn1KwFQ0ni5jctlKpDpeKTNkWLzRODG
f/1vTCn8Qruog5q2mMWKAl90BrH9HTotxf2H+XD/nGov0bZBKvOieS7YpsorQBps
R18ee4NAiZV5KZjQ1SUE1oDo/e79omjR5uQm7pcE9u0L2uXDt7Gde+T81OoyNcB4
0T5+RX5tGGn5hnuz/vUD
=KrCw
-----END PGP SIGNATURE-----