It was discovered that iwd, the iNet Wireless Daemon, does not properly handle messages in the 4-way handshake used when connecting to a protected WiFi network for the first time. An attacker can take advantage of this flaw to gain unauthorized access to a protected WiFi network if iwd is operating in Access Point (AP) mode.
https://security-tracker.debian.org/tracker/DSA-5631-1
Continue reading...
https://security-tracker.debian.org/tracker/DSA-5631-1
Continue reading...