---

CVE-2021-0326 - log back

CVE-2021-0326 edited at 03 Feb 2021 23:22:44
Notes	+ Workaround + ========== + + The issue can be mitigated by disabling P2P, using the control interface command "P2P_SET disabled 1" or "p2p_disabled=1" in (each, if multiple interfaces used) wpa_supplicant configuration file.

CVE-2021-0326 edited at 03 Feb 2021 23:19:01
Severity	- Critical + High
References	- https://source.android.com/security/bulletin/2021-02-01 - https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80%5E! + https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27269 + https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e

CVE-2021-0326 edited at 03 Feb 2021 17:11:17
Severity	- Unknown + Critical
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ A security issue was found in hostapd and wpa_supplicant version 2.9. A missing length check in the p2p_copy_client_info function could lead to a buffer overflow.
References	+ https://source.android.com/security/bulletin/2021-02-01 + https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80%5E!
Notes

CVE-2021-0326 created at 03 Feb 2021 17:06:49