CVE-2021-0326
Published: 2021-02-10
Priority: P3 · 50 · high · 7.5 (CVSS 3.1)
AV:A / AC:H / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 4.71% (90.7th percentile)
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-8.1, Android-9. Android ID: A-172937525
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | wpa | < wpa 2:2.9.0-17 (bookworm) | wpa 2:2.9.0-17 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | external_wpa_supplicant_8 | >= 10:0 < 10:2021-02-01 | 10:2021-02-01 |
| platform | external_wpa_supplicant_8 | >= 11:0 < 11:2021-02-01 | 11:2021-02-01 |
| platform | external_wpa_supplicant_8 | >= 8.0:0 < 8.0:2021-02-01 | 8.0:2021-02-01 |
| platform | external_wpa_supplicant_8 | >= 8.1:0 < 8.1:2021-02-01 | 8.1:2021-02-01 |
| platform | external_wpa_supplicant_8 | >= 9:0 < 9:2021-02-01 | 9:2021-02-01 |
CVSS provenance
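| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.9 | HIGH | AV:A/AC:M/Au:N/C:C/I:C/A:C |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_redhat | — | 7.5 | HIGH | — |
| vendor_ubuntu | — | 7.5 | HIGH | — |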
GHSA
GHSA-4wv8-p854-pjqv: In p2p_copy_client_info of p2p
ghsa_unreviewed·2022-05-24
CVE-2021-0326 [CRITICAL] CWE-787 GHSA-4wv8-p854-pjqv: In p2p_copy_client_info of p2p
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-8.1, Android-9. Android ID: A-172937525
OSV
wpa vulnerabilities
osv·2021-02-16·CVSS 7.5
CVE-2021-0326 [HIGH] wpa vulnerabilities
USN-4734-1 fixed several vulnerabilities in wpa_supplicant. This update provides the corresponding update for Ubuntu 14.04 ESM.

It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-0326)

It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. (CVE-2020-12695)
OSV
wpa vulnerabilities
osv·2021-02-11·CVSS 7.5
CVE-2021-0326 [HIGH] wpa vulnerabilities
It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-0326)

It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. (CVE-2020-12695)
OSV
CVE-2021-0326: In p2p_copy_client_info of p2p
osv·2021-02-10·CVSS 7.5
CVE-2021-0326 [HIGH] CVE-2021-0326: In p2p_copy_client_info of p2p
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-8.1, Android-9. Android ID: A-172937525
OSV
CVE-2021-0326: In p2p_copy_client_info of p2p
osv·2021-02-01
CVE-2021-0326 CVE-2021-0326: In p2p_copy_client_info of p2p
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.
CISA ICS
Siemens SIMATIC
cisa_ics·2024-03-14
ICS Advisory
Release Date: March 14, 2024
Alert Code: ICSA-24-074-07
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC
- Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Missing Encryption of Sensitive Data, Incorrect Permission Assignment for Critical Resource, Expected Beha
Ubuntu
wpa_supplicant and hostapd vulnerabilities
vendor_ubuntu·2021-02-16·CVSS 7.5
CVE-2021-0326 [HIGH] wpa_supplicant and hostapd vulnerabilities
Title: wpa_supplicant and hostapd vulnerabilities
Summary: Several security issues were fixed in wpa_supplicant and hostapd.
USN-4734-1 fixed several vulnerabilities in wpa_supplicant. This update provides the corresponding update for Ubuntu 14.04 ESM.

It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-0326)

It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. (CVE-2020-12695)

Instructions: After a standard system update you need to reboot your computer to make
all t
Ubuntu
wpa_supplicant and hostapd vulnerabilities
vendor_ubuntu·2021-02-11·CVSS 7.5
CVE-2021-0326 [HIGH] wpa_supplicant and hostapd vulnerabilities
Title: wpa_supplicant and hostapd vulnerabilities
Summary: Several security issues were fixed in wpa_supplicant and hostapd.
It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) group information in some situations, leading to a heap overflow. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-0326)

It was discovered that hostapd did not properly handle UPnP subscribe messages in some circumstances. An attacker could use this to cause a denial of service. (CVE-2020-12695)

Instructions: After a standard system update you need to reboot your computer to make all the necessary changes.
Red Hat
wpa_supplicant: P2P group information processing vulnerability
vendor_redhat·2021-02-04·CVSS 7.5
CVE-2021-0326 [HIGH] CWE-120 wpa_supplicant: P2P group information processing vulnerability
wpa_supplicant: P2P group information processing vulnerability
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-8.1, Android-9. Android ID: A-172937525
A buffer overflow flaw was found in the P2P (Wi-Fi Direct) support of wpa_supplicant. This flaw allows an attacker within radio range of the vulnerable system to send a specially crafted management frame that triggers a P2P peer device information to be created or updated, leading to the crashing of the wpa_supplicant process or arbitrary c
Android
CVE-2021-0326: Android Security Bulletin 2021-02-01
vendor_android·2021-02-01·CVSS 7.5
CVE-2021-0326 [HIGH] CVE-2021-0326: Android Security Bulletin 2021-02-01
Android Security Bulletin 2021-02-01
CVE: CVE-2021-0326
Severity: CRITICAL
Type: RCE
Affected AOSP versions: 8.1, 9, 10, 11
References: A-172937525
Debian
CVE-2021-0326: wpa - In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to...
vendor_debian·2021·CVSS 7.5
CVE-2021-0326 [HIGH] CVE-2021-0326: wpa - In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to...
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10, Android-11, Android-8.1, Android-9. Android ID: A-172937525
Scope: local
bookworm: resolved (fixed in 2:2.9.0-17)
bullseye: resolved (fixed in 2:2.9.0-17)
forky: resolved (fixed in 2:2.9.0-17)
sid: resolved (fixed in 2:2.9.0-17)
trixie: resolved (fixed in 2:2.9.0-17)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- https://lists.debian.org/debian-lts-announce/2021/02/msg00033.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMHPFCON6ZFCGZXSASJFKQ3UX2UIYMND/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOSA6DZUDLVOCYJNNXD6V3MRBVLCXZFH/
- https://source.android.com/security/bulletin/2021-02-01
- https://www.debian.org/security/2021/dsa-4898