| Package | wpa |
|---|---|
| Version | 2.3-1+deb8u15 (jessie), 2:2.4-1+deb9u11 (stretch), 2:2.7+git20190128+0c1e29f-6+deb10u5 (buster) |
| Related CVEs | CVE-2024-5290 |
Local privilege escalation by loading libraries from untrusted paths has been fixed in wpasupplicant, a commonly used tool for connection and authentication in wireless and wired networks.
For Debian 10 buster, these problems have been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u5.
For Debian 8 jessie, these problems have been fixed in version 2.3-1+deb8u15.
For Debian 9 stretch, these problems have been fixed in version 2:2.4-1+deb9u11.
We recommend that you upgrade your wpa packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.