Buffer overflow in p2p_copy_client_info (CVE-2021-0326)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

according to the recently released Android Security Bulletin—February 2021 [1],
wpa_supplicant as used by Android is affected by a buffer overflow in
p2p_copy_client_info. The issue is deemed critical by Google and given the CVE
identifier CVE-2021-0326, a patch is available at [2].

However, I could not find this patch in the current master branch of the
upstream hostapd repository at w1.fi [3]. Should it be applied upstream as
well?

Best regards,
Jonas

[1] https://source.android.com/security/bulletin/2021-02-01
[2] https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80%5E!
[3] https://w1.fi/cgit/hostap/tree/src/p2p/p2p.c

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux