[Buildroot] [PATCH] package/wpa_supplicant: add upstream 2020-2 security fix

Peter Korsgaard peter at korsgaard.com
Fri Feb 5 13:09:50 UTC 2021


>>>>> "Yann" == Yann E MORIN <yann.morin.1998 at free.fr> writes:

 > Peter, All,
 > On 2021-02-05 13:13 +0100, Peter Korsgaard spake thusly:
 >> Fixes the following security issue:
 >> 
 >> - wpa_supplicant P2P group information processing vulnerability (no CVE yet)
 >> 
 >> A vulnerability was discovered in how wpa_supplicant processing P2P
 >> (Wi-Fi Direct) group information from active group owners.  The actual
 >> parsing of that information validates field lengths appropriately, but
 >> processing of the parsed information misses a length check when storing a
 >> copy of the secondary device types.  This can result in writing attacker
 >> controlled data into the peer entry after the area assigned for the
 >> secondary device type.  The overflow can result in corrupting pointers
 >> for heap allocations.  This can result in an attacker within radio range
 >> of the device running P2P discovery being able to cause unexpected
 >> behavior, including termination of the wpa_supplicant process and
 >> potentially arbitrary code execution.
 >> 
 >> For more details, see the advisory:
 >> https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt
 >> 
 >> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

 > Applied to master, thanks.

Thanks.

 > (I just moved the _PATCH near _VERSION and _SITE to keep similar things
 > together)

Fine. I did it like this for consistency with hostapd.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list