Buffer overflow in p2p_copy_client_info (CVE-2021-0326)
Jouni Malinen
j at w1.fi
Wed Feb 3 18:16:16 EST 2021
On Wed, Feb 03, 2021 at 05:51:02PM +0100, Jonas Witschel wrote:
> according to the recently released Android Security Bulletin—February 2021 [1],
> wpa_supplicant as used by Android is affected by a buffer overflow in
> p2p_copy_client_info. The issue is deemed critical by Google and given the CVE
> identifier CVE-2021-0326, a patch is available at [2].
>
> However, I could not find this patch in the current master branch of the
> upstream hostapd repository at w1.fi [3]. Should it be applied upstream as
> well?
Yes, it is there now:
https://w1.fi/cgit/hostap/commit/?id=947272febe24a8f0ea828b5b2f35f13c3821901e
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list