Summary: | <net-wireless/wpa_supplicant-2.9-r3: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | sam, zerochaos |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt | ||
Whiteboard: | B2 [glsa+] | ||
Package list: |
net-wireless/wpa_supplicant-2.9-r5
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 780138 |
Description
Sam James
2021-02-05 04:01:03 UTC
Please apply the patch, thanks! Ping There's also 2021-1: https://w1.fi/security/2021-1/ Vulnerability A vulnerability was discovered in how wpa_supplicant processes P2P (Wi-Fi Direct) provision discovery requests. Under a corner case condition, an invalid Provision Discovery Request frame could end up reaching a state where the oldest peer entry needs to be removed. With a suitably constructed invalid frame, this could result in use (read+write) of freed memory. This can result in an attacker within radio range of the device running P2P discovery being able to cause unexpected behavior, including termination of the wpa_supplicant process and potentially code execution. Vulnerable versions/configurations The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a67f782dde9b277d96bdc762475a4ff551268061 commit a67f782dde9b277d96bdc762475a4ff551268061 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-06-08 05:39:50 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-06-08 05:41:14 +0000 net-wireless/wpa_supplicant: add security patches Patches for: * Upstream advisories 2020-2, 2021-1 * CVE-2021-30004 Bug: https://bugs.gentoo.org/768759 Bug: https://bugs.gentoo.org/780138 Signed-off-by: Sam James <sam@gentoo.org> net-wireless/wpa_supplicant/Manifest | 1 + .../wpa_supplicant/wpa_supplicant-2.9-r3.ebuild | 475 +++++++++++++++++++++ 2 files changed, 476 insertions(+) amd64 done Unable to check for sanity:
> no match for package: net-wireless/wpa_supplicant-2.9-r3
ppc stable ppc64 stable x86 stable commit did not drop any keywords: commit 99e1e98f29e5d21a2baf0aaaa79455f611f25096 Author: Thomas Deutschmann <whissi@gentoo.org> Date: Fri Jun 18 00:07:03 2021 +0200 net-wireless/wpa_supplicant: rev bump for commit f9b8bde6b + KEYWORDS="~alpha amd64 arm arm64 ~ia64 ~mips ppc ppc64 ~sparc x86" (In reply to Sergei Trofimovich from comment #10) > commit did not drop any keywords: > > commit 99e1e98f29e5d21a2baf0aaaa79455f611f25096 > Author: Thomas Deutschmann <whissi@gentoo.org> > Date: Fri Jun 18 00:07:03 2021 +0200 > > net-wireless/wpa_supplicant: rev bump for commit f9b8bde6b > > + KEYWORDS="~alpha amd64 arm arm64 ~ia64 ~mips ppc ppc64 ~sparc x86" I’m not sure what you mean… we were already stabilising for a security bug. We’re stable keywords accidentally added? (In reply to Sam James from comment #11) > (In reply to Sergei Trofimovich from comment #10) > > commit did not drop any keywords: > > > > commit 99e1e98f29e5d21a2baf0aaaa79455f611f25096 > > Author: Thomas Deutschmann <whissi@gentoo.org> > > Date: Fri Jun 18 00:07:03 2021 +0200 > > > > net-wireless/wpa_supplicant: rev bump for commit f9b8bde6b > > > > + KEYWORDS="~alpha amd64 arm arm64 ~ia64 ~mips ppc ppc64 ~sparc x86" > > I’m not sure what you mean… we were already stabilising for a security bug. > We’re stable keywords accidentally added? Aha: https://bugs.gentoo.org/780135#c8. x86 done ppc stable ppc64 stable arm done arm64 done all arches done Please cleanup. cleanup complete, anything else I can do to help get this closed? GLSA request filed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=0195ea9f2ff90e0c5b9aab4eb5154bdb3fdb3ed7 commit 0195ea9f2ff90e0c5b9aab4eb5154bdb3fdb3ed7 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-09-30 08:38:51 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2023-09-30 08:39:50 +0000 [ GLSA 202309-16 ] wpa_supplicant, hostapd: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/768759 Bug: https://bugs.gentoo.org/780135 Bug: https://bugs.gentoo.org/780138 Bug: https://bugs.gentoo.org/831332 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202309-16.xml | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) |