CVE-2021-0326

CVE	CVE-2021-0326
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-02-10 17:15:00 UTC
Updated	2023-11-07 03:27:00 UTC
Description	In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525

Problem Types: CWE-787

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Fedoraproject	Fedora	32	All	All	All
Operating System	Fedoraproject	Fedora	34	All	All	All
Operating System	Fedoraproject	Fedora	32	All	All	All
Operating System	Google	Android	10.0	All	All	All
Operating System	Google	Android	11.0	All	All	All
Operating System	Google	Android	8.1	All	All	All
Operating System	Google	Android	9.0	All	All	All
Operating System	Google	Android	10.0	All	All	All
Operating System	Google	Android	11.0	All	All	All
Operating System	Google	Android	8.1	All	All	All
Operating System	Google	Android	9.0	All	All	All

Reference	Source	Link	Tags
[SECURITY] [DLA 2572-1] wpa security update	MLIST	lists.debian.org	Mailing List, Third Party Advisory
[SECURITY] Fedora 32 Update: wpa_supplicant-2.9-5.fc32 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org	Mailing List, Third Party Advisory
[SECURITY] Fedora 34 Update: wpa_supplicant-2.9-11.fc34 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] Fedora 34 Update: wpa_supplicant-2.9-11.fc34 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
Android Security Bulletin—February 2021 \| Android Open Source Project	MISC	source.android.com	Patch, Vendor Advisory
[SECURITY] Fedora 32 Update: wpa_supplicant-2.9-5.fc32 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
Debian -- Security Information -- DSA-4898-1 wpa	DEBIAN	www.debian.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

159205 Oracle Enterprise Linux Security Update for wpa_supplicant (ELSA-2021-1686)
178562 Debian Security Update for wpa (DSA 4898-1)
180547 Debian Security Update for wpa (CVE-2021-0326)
239318 Red Hat Update for wpa_supplicant (RHSA-2021:1686)
281596 Fedora Security Update for wpa_supplicant (FEDORA-2021-defe51d282)
352380 Amazon Linux Security Advisory for wpa_supplicant: ALAS2-2021-1648
377146 Alibaba Cloud Linux Security Update for wpa_supplicant (ALINUX3-SA-2021:0019)
500744 Alpine Linux Security Update for wpa_supplicant
501508 Alpine Linux Security Update for wpa_supplicant
501790 Alpine Linux Security Update for wpa_supplicant
504519 Alpine Linux Security Update for wpa_supplicant
610317 Google Android Devices February 2021 Security Patch Missing
610318 Google Android February 2021 Security Patch Missing for Huawei EMUI
610319 Google Android February 2021 Security Patch Missing for LGE
610320 Google Android February 2021 Security Patch Missing for Samsung
670332 EulerOS Security Update for wpa_supplicant (EulerOS-SA-2021-1892)
750360 OpenSUSE Security Update for wpa_supplicant (openSUSE-SU-2021:0284-1)
752179 SUSE Enterprise Linux Security Update for wpa_supplicant (SUSE-SU-2022:1853-1)
940392 AlmaLinux Security Update for wpa_supplicant (ALSA-2021:1686)
960765 Rocky Linux Security Update for wpa_supplicant (RLSA-2021:1686)