Vulnerability CVE-2021-27803

Vulnerability Name:

CVE-2021-27803 (CCN-197521)

Assigned:

2021-02-25

Published:

2021-02-25

Updated:

2022-05-23

Summary:

A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Adjacent Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
6.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Adjacent Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

5.4 Medium (CVSS v2 Vector: AV:A/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Adjacent_Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-noinfo
CWE-416

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2021-27803

Source: MLIST
Type: Mailing List, Mitigation, Third Party Advisory
[oss-security] 20210227 Re: wpa_supplicant P2P provision discovery processing vulnerability

Source: XF
Type: UNKNOWN
w1fi-cve202127803-code-exec(197521)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210302 [SECURITY] [DLA 2581-1] wpa security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-99cad2b81f

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-3430f96019

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-9b00febe54

Source: CCN
Type: oss-sec Mailing List, Thu, 25 Feb 2021 21:03:50 +0200
wpa_supplicant P2P provision discovery processing vulnerability

Source: CCN
Type: oss-sec Mailing List, Sat, 27 Feb 2021 07:54:16 +0100
Re: wpa_supplicant P2P provision discovery processing vulnerability

Source: MISC
Type: Patch, Vendor Advisory
https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch

Source: CCN
Type: W1.Fi Web site
wpa_supplicant P2P provision discovery processing vulnerability

Source: MISC
Type: Mitigation, Vendor Advisory
https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt

Source: DEBIAN
Type: Third Party Advisory
DSA-4898

Source: MISC
Type: Mailing List, Mitigation, Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/02/25/3

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-27803

Vulnerable Configuration:

Configuration 1:

cpe:/a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:* (Version >= 1.0 and < 2.10)

Configuration 2:

cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:

cpe:/a:w1.fi:wpa_supplicant:2.9:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7829	P	wpa_supplicant-2.10-150500.1.3 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3573	P	libapr-util1-1.5.3-2.8.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3222	P	libopenssl-devel-1.0.2p-1.13 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94685	P	libpcre2-16-0-10.39-150400.2.3 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94852	P	wpa_supplicant-2.9-4.33.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:333	P	wpa_supplicant-2.9-4.29.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:386	P	wpa_supplicant-2.9-4.33.1 on GA media (Moderate)	2022-06-10
oval:org.opensuse.security:def:93170	P	(Moderate)	2022-03-24
oval:org.opensuse.security:def:93323	P	(Moderate)	2022-03-04
oval:org.opensuse.security:def:99213	P	(Moderate)	2022-02-18
oval:org.opensuse.security:def:113587	P	wpa_supplicant-2.9-13.4 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:102225	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:106973	P	wpa_supplicant-2.9-13.4 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:1262	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)	2021-09-16
oval:org.opensuse.security:def:101398	P	salt-api-3002.2-6.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101109	P	wpa_supplicant-2.9-4.29.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72092	P	wpa_supplicant-2.9-4.29.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62351	P	wpa_supplicant-2.9-4.29.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:111259	P	Security update for wpa_supplicant (Important)	2021-03-14
oval:com.redhat.rhsa:def:20210809	P	RHSA-2021:0809: wpa_supplicant security update (Important)	2021-03-11
oval:com.redhat.rhsa:def:20210808	P	RHSA-2021:0808: wpa_supplicant security update (Important)	2021-03-10
oval:org.opensuse.security:def:30037	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:59603	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:88578	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:54772	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:84280	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:127231	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:33092	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:24034	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:57564	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:86734	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:51176	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:82156	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:31354	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:59861	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:89258	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:21422	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:55305	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:84738	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:33780	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:28949	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:58093	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:87556	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:51745	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:82689	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:125667	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:31741	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:89516	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:23188	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:55860	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:85818	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:34038	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:29482	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:58915	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:88261	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:52022	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:83244	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:126834	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:32270	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:23757	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:57177	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:86205	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:81116	P	Security update for wpa_supplicant (Important)	2021-03-09
oval:org.opensuse.security:def:34647	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:69800	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:99808	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:108891	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:10410	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:8713	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:92068	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:64662	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:9660	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:92858	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:117578	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:69999	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:100120	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:8907	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:92263	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:67053	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:99410	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:9859	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:93017	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:70356	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:60470	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:97270	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:73784	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:95512	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:9102	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:92460	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:69602	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:99609	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:108064	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:10216	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:5964	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:70550	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:99018	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:76121	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:9462	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:92659	P	Security update for wpa_supplicant (Important)	2021-03-08

BACK