CVE-2021-0326
Published: 10 February 2021
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525
Priority
High
CVSS 3 base score: 7.5
Status
| Package | Release | Status |
|---|---|---|
|
wpa Launchpad, Ubuntu, Debian |
Upstream |
Released
(2:2.9.0-17)
|
| Ubuntu 21.04 (Hirsute Hippo) |
Pending
(2:2.9.0-17ubuntu2)
|
|
| Ubuntu 20.10 (Groovy Gorilla) |
Released
(2:2.9-1ubuntu8.1)
|
|
| Ubuntu 20.04 LTS (Focal Fossa) |
Released
(2:2.9-1ubuntu4.2)
|
|
| Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(2:2.6-15ubuntu2.7)
|
|
| Ubuntu 16.04 LTS (Xenial Xerus) |
Released
(2.4-0ubuntu6.7)
|
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(2.1-0ubuntu1.7+esm3)
|
|
|
Patches: Upstream: https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e |
||
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0326
- https://www.openwall.com/lists/oss-security/2021/02/03/4
- https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt
- https://w1.fi/security/2020-2/0001-P2P-Fix-copying-of-secondary-device-types-for-P2P-gr.patch
- https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e
- https://usn.ubuntu.com/usn/usn-4734-1
- https://usn.ubuntu.com/usn/usn-4734-2
- NVD
- Launchpad
- Debian