Bug 28438 - wpa_supplicant new security issue CVE-2021-27803
Summary: wpa_supplicant new security issue CVE-2021-27803
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7TOO MGA7-32-OK MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2021-02-25 21:25 CET by David Walser
Modified: 2021-03-05 23:39 CET (History)
4 users

See Also:
Source RPM: wpa_supplicant-2.9-7.mga8.src.rpm
CVE: CVE-2021-27803
Status comment:


Attachments

Description David Walser 2021-02-25 21:25:14 CET
An advisory has been issued today (February 25):
https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt

The patch is here and will be included in 2.10:
https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch

Like our last update, the issue affects P2P mode.

Mageia 7 and Mageia 8 are also affected.
David Walser 2021-02-25 21:25:30 CET

Status comment: (none) => Patch available from upstream
Whiteboard: (none) => MGA8TOO, MGA7TOO

Comment 1 David Walser 2021-02-27 18:34:36 CET
This has been assigned CVE-2021-27803:
https://www.openwall.com/lists/oss-security/2021/02/27/1

Summary: wpa_supplicant new security issue (upstream 2021-1) => wpa_supplicant new security issue CVE-2021-27803

Comment 2 Nicolas Lécureuil 2021-02-27 23:35:09 CET
fix pushed in mga7/8:

src:
    - wpa_supplicant-2.9-1.4.mga7
    - wpa_supplicant-2.9-8.1.mga8

Whiteboard: MGA8TOO, MGA7TOO => MGA7TOO
Assignee: bugsquad => qa-bugs
Version: Cauldron => 8
Status comment: Patch available from upstream => (none)
CC: (none) => mageia

Comment 3 David Walser 2021-02-27 23:46:17 CET
RPMS list:
wpa_supplicant-2.9-1.4.mga7
wpa_supplicant-gui-2.9-1.4.mga7
wpa_supplicant-2.9-8.1.mga8
wpa_supplicant-gui-2.9-8.1.mga8
Comment 4 Thomas Andrews 2021-02-28 17:24:28 CET
AMD Phenom II X4, 8GB, Atheros wifi, 32-bit M7 Plasma system. Also, same hardware, 64-bit M8 Plasma system.

Updated wpa_supplicant. No installation issues. Rebooted, just to make sure the updated package was the one being used. No issues noted on either install.

Looks OK here. Validating for both.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs
Whiteboard: MGA7TOO => MGA7TOO MGA7-32-OK MGA8-64-OK

Aurelien Oudelet 2021-02-28 22:46:26 CET

CC: (none) => ouaurelien
Whiteboard: MGA7TOO MGA7-32-OK MGA8-64-OK => MGA7-32-OK MGA8-64-OK
CVE: (none) => CVE-2021-27803

Aurelien Oudelet 2021-02-28 22:47:53 CET

Whiteboard: MGA7-32-OK MGA8-64-OK => MGA7TOO MGA7-32-OK MGA8-64-OK

Comment 5 Aurelien Oudelet 2021-03-01 14:28:38 CET
MGA8 x86_64 with Plasma and Intel AX200 for WiFi 6 chip

Installing it over wpa_supplicant-2.9-8.mga8 using QA Repo.
Success.
WiFi runs well, connects correctly to a WPA2 protected Wireless Network
Link is stable.

and MGA7 x86_64 with Plasma and Intel 8260 WiFi 5 chip
Installing it over wpa_supplicant-2.9-1.3.mga7 using QA Repo.
Success.
WiFi runs well, connects correctly to a WPA2 protected Wireless Network
Link is stable.
Comment 6 Aurelien Oudelet 2021-03-01 14:37:15 CET
Advisory:
========================

Updated wpa_supplicant packages fix security vulnerability:

  A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before
  2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result
  in denial of service or other impact (potentially execution of arbitrary code),
  for an attacker within radio range (CVE-2021-27803).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27803
https://bugs.mageia.org/show_bug.cgi?id=28438
https://www.openwall.com/lists/oss-security/2021/02/27/1
https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt

========================

Updated packages in core/updates_testing:
========================
wpa_supplicant-2.9-1.4.mga7
wpa_supplicant-gui-2.9-1.4.mga7

wpa_supplicant-2.9-8.1.mga8
wpa_supplicant-gui-2.9-8.1.mga8

from SRPMS:
wpa_supplicant-2.9-1.4.mga7
wpa_supplicant-2.9-8.1.mga8


Advisory committed to SVN.

Keywords: (none) => advisory

Comment 7 Mageia Robot 2021-03-02 23:35:22 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0095.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 8 David Walser 2021-03-05 23:39:29 CET
Ubuntu has issued an advisory for this on March 3:
https://ubuntu.com/security/notices/USN-4757-1
