DSA-4898-1 wpa -- wpaID: oval:org.secpod.oval:def:605500 | Date: (C)2021-04-27 (M)2024-04-15 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in wpa_supplicant and hostapd. CVE-2020-12695 It was discovered that hostapd does not properly handle UPnP subscribe messages under certain conditions, allowing an attacker to cause a denial of service. CVE-2021-0326 It was discovered that wpa_supplicant does not properly process P2P group information from active group owners. An attacker within radio range of the device running P2P could take advantage of this flaw to cause a denial of service or potentially execute arbitrary code. CVE-2021-27803 It was discovered that wpa_supplicant does not properly process P2P provision discovery requests. An attacker within radio range of the device running P2P could take advantage of this flaw to cause a denial of service or potentially execute arbitrary code.
Product: |
hostapd |
wpagui |
wpasupplicant |