MGASA-2021-0075

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2021-0075.html

Import Source

https://advisories.mageia.org/MGASA-2021-0075.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2021-0075

Related

CVE-2021-0326

Published

2021-02-08T17:58:05Z

Modified

2021-02-08T17:01:59Z

Summary

Updated wpa_supplicant packages fix a security vulnerability

Details

A vulnerability was discovered in how wpasupplicant processing P2P (Wi-Fi Direct) group information from active group owners. The actual parsing of that information validates field lengths appropriately, but processing of the parsed information misses a length check when storing a copy of the secondary device types. This can result in writing attacker controlled data into the peer entry after the area assigned for the secondary device type. The overflow can result in corrupting pointers for heap allocations. This can result in an attacker within radio range of the device running P2P discovery being able to cause unexpected behavior, including termination of the wpasupplicant process and potentially arbitrary code execution.

An attacker (or a system controlled by the attacker) needs to be within radio range of the vulnerable system to send a suitably constructed management frame that triggers a P2P peer device information to be created or updated. (CVE-2021-0326).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:7 / wpa_supplicant

Package

Name: wpa_supplicant
Purl: pkg:rpm/mageia/wpa_supplicant?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9-1.3.mga7

Ecosystem specific

{
    "section": "core"
}