RHEL 7 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wpasupplicant: local configuration update allows privilege escalation CVE-2016-4477 - wpasupplicant: P2P...

SUSE-SU-2022:1853-1 Security update for wpa_supplicant

This update for wpasupplicant fixes the following issues: - CVE-2022-23303, CVE-2022-23304: Fixed SAE/EAP-pwd side-channel attacks bsc1194732, bsc1194733 - CVE-2021-0326: Fixed P2P group information processing vulnerability bsc1181777 - Fix systemd device ready dependencies in...

CentOS 8 : wpa_supplicant (CESA-2021:1686)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:1686 advisory. - wpasupplicant: P2P group information processing vulnerability CVE-2021-0326 Note that Nessus has not tested for this issue but has instead relied only on the...

wpa_supplicant security, bug fix, and enhancement update

An update is available for wpasupplicant. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The wpasupplicant packages contain an 802.1X Supplicant with support fo...

OPENSUSE-SU-2021:0284-1 Security update for wpa_supplicant

This update for wpasupplicant fixes the following issues: - CVE-2021-0326: P2P group information processing vulnerability bsc1181777. This update was imported from the SUSE:SLE-15:Update update project...

Security update for wpa_supplicant (important)

openSUSE Security Update: Security update for wpasupplicant Announcement ID: openSUSE-SU-2021:0284-1 Rating: important References: 1181777 Cross-References: CVE-2021-0326 CVSS scores: CVE-2021-0326 SUSE: 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 An...

MGASA-2021-0075 Updated wpa_supplicant packages fix a security vulnerability

A vulnerability was discovered in how wpasupplicant processing P2P Wi-Fi Direct group information from active group owners. The actual parsing of that information validates field lengths appropriately, but processing of the parsed information misses a length check when storing a copy of the...

ASB-A-172937525

In p2pcopyclientinfo of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation...