[Buildroot] [PATCH] package/wpa_supplicant: add upstream 2020-2 security fix
Peter Korsgaard
peter at korsgaard.com
Wed Feb 10 18:54:37 UTC 2021
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issue:
> - wpa_supplicant P2P group information processing vulnerability (no CVE yet)
> A vulnerability was discovered in how wpa_supplicant processing P2P
> (Wi-Fi Direct) group information from active group owners. The actual
> parsing of that information validates field lengths appropriately, but
> processing of the parsed information misses a length check when storing a
> copy of the secondary device types. This can result in writing attacker
> controlled data into the peer entry after the area assigned for the
> secondary device type. The overflow can result in corrupting pointers
> for heap allocations. This can result in an attacker within radio range
> of the device running P2P discovery being able to cause unexpected
> behavior, including termination of the wpa_supplicant process and
> potentially arbitrary code execution.
> For more details, see the advisory:
> https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2020.02.x and 2020.11.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list