Bug 780135 (CVE-2021-30004) - <net-wireless/hostapd-2.9-r4: mishandled AlgorithmIdentifier parameters may lead to forging attacks (CVE-2021-30004)
Alias: CVE-2021-30004
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
Whiteboard: B3 [glsa? cve]
Keywords: PullRequest
Depends on:
Reported: 2021-04-05 01:01 UTC by John Helmert III
Modified: 2021-08-16 16:17 UTC

See Also:
Package list:
Runtime testing required: ---
nattka: sanity-check+
Description John Helmert III gentoo-dev Security 2021-04-05 01:01:58 UTC

In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.

Patch at URL but seems there's no tag containing it.
Comment 1 Thomas Deutschmann gentoo-dev Security 2021-05-31 20:55:20 UTC
Only affects USE=internal-tls which isn't the default.

We are waiting for revision/tagged release with
Comment 2 Larry the Git Cow gentoo-dev 2021-06-02 12:59:44 UTC
The bug has been referenced in the following commit(s):

commit 56ce8ace503d45e60b72a79222bb6aada4c76124
Author:     Thomas Deutschmann <>
AuthorDate: 2021-06-02 12:41:04 +0000
Commit:     Thomas Deutschmann <>
CommitDate: 2021-06-02 12:59:30 +0000

    net-wireless/hostapd: fix CVE-2021-30004
    Package-Manager: Portage-3.0.19, Repoman-3.0.3
    Signed-off-by: Thomas Deutschmann <> | 115 +++++++++
 net-wireless/hostapd/hostapd-2.9-r4.ebuild         | 275 +++++++++++++++++++++
 net-wireless/hostapd/hostapd-9999.ebuild           |   2 +
 3 files changed, 392 insertions(+)
Comment 3 Sam James archtester gentoo-dev Security 2021-06-17 20:18:38 UTC
amd64 done
Comment 4 Sam James archtester gentoo-dev Security 2021-06-17 20:20:01 UTC
x86 done
Comment 5 NATTkA bot gentoo-dev 2021-06-17 22:20:32 UTC Comment hidden (obsolete)
Comment 6 Agostino Sarubbo gentoo-dev 2021-06-18 06:28:05 UTC
ppc stable
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2021-06-19 18:51:17 UTC
Commit did not drop keywords down to ~arch:

commit 52123dae78919046f09b506709280128faad0a96
Author: Thomas Deutschmann <>
Date:   Fri Jun 18 00:06:19 2021 +0200

    net-wireless/hostapd: rev bump for commit 6915847f2

    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Thomas Deutschmann <>

diff --git a/net-wireless/hostapd/hostapd-2.9-r3.ebuild b/net-wireless/hostapd/hostapd-2.9-r5.ebuild
similarity index 100%
rename from net-wireless/hostapd/hostapd-2.9-r3.ebuild
rename to net-wireless/hostapd/hostapd-2.9-r5.ebuild
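Review bot: the -r3 to -r5 rename at similarity index 100% puts -r3's unchanged content under a revision number higher than -r4, while this bug's affected range is <net-wireless/hostapd-2.9-r4, so any comparison against that range treats -r5 as unaffected. Suggest recording -r6 as the first fixed revision in the bug summary and package list whenever a bump is done this way.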
diff --git a/net-wireless/hostapd/hostapd-2.9-r4.ebuild b/net-wireless/hostapd/hostapd-2.9-r6.ebuild
similarity index 100%
rename from net-wireless/hostapd/hostapd-2.9-r4.ebuild
rename to net-wireless/hostapd/hostapd-2.9-r6.ebuild
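Review bot: similarity index 100% on the -r4 to -r6 rename means no line of the ebuild changed, KEYWORDS included, so -r6 carries whatever keywords -r4 had, which is the point raised at the top of this comment. If the new revision is meant to go through testing again, change KEYWORDS to ~arch in the same commit so the rename is no longer a pure move.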
Comment 8 Sam James archtester gentoo-dev Security 2021-06-19 22:01:02 UTC
Oh, I see, I "fixed" the package list incorrectly. Needed to add 2 to the revision.
Comment 9 Agostino Sarubbo gentoo-dev 2021-06-21 06:18:38 UTC
ppc stable
Comment 10 Sam James archtester gentoo-dev Security 2021-06-21 07:18:59 UTC
arm done
Comment 11 Sam James archtester gentoo-dev Security 2021-06-21 19:04:08 UTC
arm64 done

all arches done
Comment 12 John Helmert III gentoo-dev Security 2021-06-21 19:12:32 UTC
Please clean up.
Comment 13 Larry the Git Cow gentoo-dev 2021-08-16 16:17:57 UTC
The bug has been referenced in the following commit(s):

commit f8781a5c3a43ae5282b6fc64793d6150366c6193
Author:     Jakov Smolic <>
AuthorDate: 2021-08-16 14:51:22 +0000
Commit:     Sam James <>
CommitDate: 2021-08-16 16:17:35 +0000

    net-wireless/hostapd: Remove vulnerable 2.9-r5
    Signed-off-by: Jakov Smolic <>
    Signed-off-by: Sam James <>

 net-wireless/hostapd/hostapd-2.9-r5.ebuild | 270 -----------------------------
 1 file changed, 270 deletions(-)