Описание
ELSA-2021-1686: wpa_supplicant security, bug fix, and enhancement update (MODERATE)
[1:2.9-5]
- P2P: Fix a corner case in peer addition based on PD Request (CVE-2021-27803)
- Fix buffer overflow when processing P2P group information (CVE-2021-0326)
[1:2.9-4]
- enable WPA-EAP-SUITE-B-192 (rh #1916394)
[1:2.9-3]
- fix p2p_listen unexpectedly stopped after 5 seconds (rh #1693684)
- allow changing 'bridge' via D-Bus (rh #1888050)
- expose OWE configurability via D-Bus (rh #1888718)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
wpa_supplicant
2.9-5.el8
Oracle Linux x86_64
wpa_supplicant
2.9-5.el8
Связанные CVE
Связанные уязвимости
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525
In p2p_copy_client_info of p2p.c, there is a possible out of bounds wr ...
