CVE-2021-27803 log

Source
Severity Medium
Remote Yes
Type Arbitrary code execution
Description
A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range.
Group Package Affected Fixed Severity Status Ticket
AVG-1626 wpa_supplicant 2:2.9-8 2:2.10-1 High Fixed FS#69784
References
https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt
https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch
https://w1.fi/cgit/hostap/commit/?id=8460e3230988ef2ec13ce6b69b687e941f6cdb32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803