]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: cd279ae) | patch
wpa-supplicant: fix CVE-2021-27803
authorStefan Ghinea <stefan.ghinea@windriver.com>
Wed, 3 Mar 2021 18:53:08 +0000 (20:53 +0200)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sat, 6 Mar 2021 22:36:34 +0000 (22:36 +0000)
commit81e4260b83c52558c320fd7d1c1eafcb312ad6be
tree25ef78b07fa06942387773f34b83377e675746b8tree | snapshot
parentcd279aeb986b4676ea8ecb1e7b12c7e29e83460acommit | diff
wpa-supplicant: fix CVE-2021-27803

A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant
before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests.
It could result in denial of service or other impact (potentially
execution of arbitrary code), for an attacker within radio range.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-27803

Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=8460e3230988ef2ec13ce6b69b687e941f6cdb32

Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/CVE-2021-27803.patch [new file with mode: 0644] blob
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb diff | blob | history
Mirror of the official openembedded-core repository