Researchers have identified a vulnerability in wpa_supplicant, the popular Wi-Fi Protected Access (WPA) supplicant for Linux, BSD, Mac OS X, Windows, and various other operating systems.
According to an advisory published on Wednesday by Malinen, the supplicant is plagued by a security bug (CVE-2015-1863) that can lead to unexpected program behavior, exposure of memory contents, denial-of-service (DoS), and possibly even arbitrary code execution.
A patch has been released to address the issue. The fix will also be included in wpa_supplicant 2.5 when it becomes available. The vulnerability can also be mitigated by disabling P2P.
FULL STORY HERE