CVE-2021-27803

CVSS v3.1

7.5

High

Vector

AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions wpa supplicant versions prior to 2.10

Description A vulnerability in the p2p/p2p pd.c component of wpa supplicant is related to resource release errors. Exploitation of this issue could allow a remote attacker to cause a denial of service or potentially execute arbitrary code. The attacker must be within radio range to send specially crafted Wi-Fi Direct provision discovery requests.

Recommendations For versions prior to 2.10, update to version 2.10 or later to resolve the issue. As a temporary workaround, consider restricting access to Wi-Fi Direct features until the update is applied.

Fix

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404

Related Identifiers

ALT-PU-2021-1414

ALT-PU-2021-1437

ALT-PU-2021-1466

ALT-PU-2022-1160

ALT-PU-2022-1927

ALT-PU-2023-1833

AZL-6973

BDU:2021-01584

CESA-2021_0808

CESA-2021_0809

CVE-2021-27803

DLA-2581-1

DSA-4898-1

MGASA-2021-0095

OESA-2021-1133

OPENSUSE-SU-2021:0404-1

OPENSUSE-SU-2021_0404-1

OPENSUSE-SU-2024:11515-1

RHSA-2021:0808

RHSA-2021:0809

RHSA-2021:0816

RHSA-2021:0818

RHSA-2021_0808

RHSA-2021_0809

SUSE-SU-2021:0720-1

SUSE-SU-2021:0721-1

SUSE-SU-2021:0745-1

SUSE-SU-2021_0720-1

SUSE-SU-2021_0721-1

SUSE-SU-2021_0745-1

USN-4757-1

USN-4757-2

Affected Products

Alt Linux

Astra Linux

Centos

Linuxmint

Red Hat

Suse

Ubuntu

Wpa Supplicant

CVE-2021-27803

Weakness Enumeration

Related Identifiers

Affected Products

References · 81