[Midnightbsd-cvs] [MidnightBSD/src] f90da2: A vulnerability was discovered in how wpa_supplica...
Lucas Holt
noreply at github.com
Mon Nov 15 01:18:50 EST 2021
Branch: refs/heads/stable/2.1
Home: https://github.com/MidnightBSD/src
Commit: f90da209f1b3544ce5b6a99f314d26372ab09c3a
https://github.com/MidnightBSD/src/commit/f90da209f1b3544ce5b6a99f314d26372ab09c3a
Author: Lucas Holt <luke at foolishgames.com>
Date: 2021-11-15 (Mon, 15 Nov 2021)
Changed paths:
M contrib/wpa/src/p2p/p2p_pd.c
Log Message:
-----------
A vulnerability was discovered in how wpa_supplicant processes P2P
(Wi-Fi Direct) provision discovery requests. Under a corner case
condition, an invalid Provision Discovery Request frame could end up
reaching a state where the oldest peer entry needs to be removed. With
a suitably constructed invalid frame, this could result in use
(read+write) of freed memory. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially code execution.
More information about the Midnightbsd-cvs
mailing list