CVE-2021-30004
Published: 2021-04-02
CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
Priority: P4 · 25 · medium · 5.3 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:N / I:L / A:N
EPSS: 1.67% (73.9th percentile)
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wpa | — | — |
| msrc | cbl2_wpa_supplicant_2.9-4_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_wpa_supplicant_2.9-4_on_cbl_mariner_1.0 | — | — |
| w1.fi | hostapd | — | — |
| w1.fi | wpa_supplicant | — | — |
CVSS provenance
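| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
| nvd | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| osv | | 5.3 | MEDIUM | |
| vendor_debian | | 5.3 | LOW | |
| vendor_msrc | | 5.3 | MEDIUM | |
| vendor_redhat | | 5.3 | MEDIUM | |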
Microsoft
In wpa_supplicant and hostapd 2.9 forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
vendor_msrc·2021-04-13·CVSS 5.3
CVE-2021-30004 [MEDIUM] CWE-20 In wpa_supplicant and hostapd 2.9 forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Red Hat
wpa_supplicant: mishandled AlgorithmIdentifier parameters may lead to forging attacks
vendor_redhat·2021-03-14·CVSS 5.3
CVE-2021-30004 [MEDIUM] CWE-20 wpa_supplicant: mishandled AlgorithmIdentifier parameters may lead to forging attacks
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
A flaw was found in wpa_supplicant, in the way it handled digest algorithm parameters when validating a signature. This flaw could be exploited to perform potential forging attacks. The highest threat from this vulnerability is to data integrity.
Statement: This issue only affects the "internal" TLS implementation. The versions of `wpa_supplicant` as shipped with Red Hat Enterprise Linux 6, 7, and 8 are not affected by this flaw, as they use the OpenSSL implementation by default. More specifically, the `CONFIG_TLS=internal` flag is not set at compile time.
Debian
CVE-2021-30004: wpa - In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmId...
vendor_debian·2021·CVSS 5.3
CVE-2021-30004 [MEDIUM] CVE-2021-30004: wpa - In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmId...
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
GHSA
GHSA-mwxw-68wg-34jm: In wpa_supplicant and hostapd 2
ghsa_unreviewed·2022-05-24
CVE-2021-30004 [MEDIUM] CWE-20 GHSA-mwxw-68wg-34jm: In wpa_supplicant and hostapd 2
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
OSV
CVE-2021-30004: In wpa_supplicant and hostapd 2
osv·2021-04-02·CVSS 5.3
CVE-2021-30004 [MEDIUM] CVE-2021-30004: In wpa_supplicant and hostapd 2
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2021-04-02