
Document more known CVEs in additional packages documentation #368


Open
wants to merge 1 commit into
base: master


bleader
Contributor

@bleader bleader commented Jul 7, 2025

  • wpa_supplicant
  • mc

Before submitting the pull request, you must agree with the following statements by checking both boxes with a 'x'.

  • "I accept that my contribution is placed under the CC BY-SA 2.0 license [1]."
  • "My contribution complies with the Developer Certificate of Origin [2]."

[1] https://creativecommons.org/licenses/by-sa/2.0/
[2] https://docs.xcp-ng.org/project/contributing/#developer-certificate-of-origin-dco

@bleader bleader requested a review from stormi July 7, 2025 16:32
@bleader bleader requested a review from thomas-dkmt July 8, 2025 09:53
- wpa_supplicant
- mc

Signed-off-by: David Morel <[email protected]>
@bleader bleader force-pushed the dml-additional-pkgs-cves branch from 7dc5cfa to 546403b Compare July 18, 2025 11:45
@@ -61,6 +61,10 @@ The controller domain is not an all-purpose Linux system. It must remain minimal

### 5. Known Security Risks in additional packages

:::tip
Additional Packages are not meant to be in the base installation and only present for convenience. Unless considered truly critical, the security updates on these packages is best effort.
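Review bot: In the tip text, "the security updates on these packages is best effort" pairs a plural subject with a singular verb; suggest "security updates for these packages are best effort". The same line capitalizes "Additional Packages" while the section heading uses "additional packages", so one form should be used for both.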
Collaborator


Suggested change
Additional Packages are not meant to be in the base installation and only present for convenience. Unless considered truly critical, the security updates on these packages is best effort.
Additional packages are not meant to be in the base installation. They are only present for convenience. Unless considered truly critical, the security updates on these packages is best effort.


- [CVE-2023-52160](https://www.cvedetails.com/cve/CVE-2023-52160): A configuration that does not verify the TLS certificate when using PEAP can allow authentication bypass.
- [CVE-2019-9494](https://www.cvedetails.com/cve/CVE-2019-9494),[CVE-2019-9495](https://www.cvedetails.com/cve/CVE-2019-9495), [CVE-2022-23303](https://www.cvedetails.com/cve/CVE-2022-23303), [CVE-2022-23304](https://www.cvedetails.com/cve/CVE-2022-23304): SAE and EAP-pwd are vulnerable to side channel attacks as a result of cache access patterns leakage.
- [CVE-2021-27803](https://www.cvedetails.com/cve/CVE-2021-27803): Improper handling of P2P provision discovery requests may lead to security issues could lead to various security issues, including Denial of Service, and possibly arbitrary code execution.
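Review bot: In the SAE and EAP-pwd entry, the first two links are joined without a space ("CVE-2019-9494),[CVE-2019-9495]") while the remaining links are separated by ", "; add the missing space. In the same entry, "side channel attacks as a result of cache access patterns leakage" would read more clearly as "side-channel attacks because cache access patterns leak information".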
Collaborator


Suggested change
- [CVE-2021-27803](https://www.cvedetails.com/cve/CVE-2021-27803): Improper handling of P2P provision discovery requests may lead to security issues could lead to various security issues, including Denial of Service, and possibly arbitrary code execution.
- [CVE-2021-27803](https://www.cvedetails.com/cve/CVE-2021-27803): Improper handling of P2P provision discovery requests may lead to security issues, including Denial of Service, and possibly arbitrary code execution.

- [CVE-2023-52160](https://www.cvedetails.com/cve/CVE-2023-52160): A configuration that does not verify the TLS certificate when using PEAP can allow authentication bypass.
- [CVE-2019-9494](https://www.cvedetails.com/cve/CVE-2019-9494),[CVE-2019-9495](https://www.cvedetails.com/cve/CVE-2019-9495), [CVE-2022-23303](https://www.cvedetails.com/cve/CVE-2022-23303), [CVE-2022-23304](https://www.cvedetails.com/cve/CVE-2022-23304): SAE and EAP-pwd are vulnerable to side channel attacks as a result of cache access patterns leakage.
- [CVE-2021-27803](https://www.cvedetails.com/cve/CVE-2021-27803): Improper handling of P2P provision discovery requests may lead to security issues could lead to various security issues, including Denial of Service, and possibly arbitrary code execution.
- [CVE-2019-16275](https://www.cvedetails.com/cve/CVE-2019-16275): An attacker can send specially crafted 802.11 frames to trigger a denial-of-service (DoS) condition.
Collaborator

@thomas-dkmt thomas-dkmt Jul 21, 2025


For better consistency, we should pick one of these spellings and keep it that way throughout the document:

  • Denial of Service
  • denial-of-service

- [CVE-2019-9494](https://www.cvedetails.com/cve/CVE-2019-9494),[CVE-2019-9495](https://www.cvedetails.com/cve/CVE-2019-9495), [CVE-2022-23303](https://www.cvedetails.com/cve/CVE-2022-23303), [CVE-2022-23304](https://www.cvedetails.com/cve/CVE-2022-23304): SAE and EAP-pwd are vulnerable to side channel attacks as a result of cache access patterns leakage.
- [CVE-2021-27803](https://www.cvedetails.com/cve/CVE-2021-27803): Improper handling of P2P provision discovery requests may lead to security issues could lead to various security issues, including Denial of Service, and possibly arbitrary code execution.
- [CVE-2019-16275](https://www.cvedetails.com/cve/CVE-2019-16275): An attacker can send specially crafted 802.11 frames to trigger a denial-of-service (DoS) condition.
- [CVE-2019-11555](https://www.cvedetails.com/cve/CVE-2019-11555): Improper validation of EAP-pwd fragmentation reassembly could lead to a Denial of Service.
3 participants