What Are You Looking For?

Popular Tags

Sign Up
MGASA-2021-0254 - Updated wpa_supplicant, hostapd packages fix security vulnerability

Publication date: 13 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0254.html
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2021-30004

The wpa_supplicant and hostapd packages are updated to fix a forging attacks
that may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. (CVE-2021-30004).

References:
- https://bugs.mageia.org/show_bug.cgi?id=29046
- https://lists.opensuse.org/archives/list/[email protected]/thread/EXT3Y5NEGCCPGZ7FTYURPUBTHNNJA6MF/
- https://lists.opensuse.org/archives/list/[email protected]/thread/4XPNZHCXJ32COQGQ62HNGD6DHPO5E552/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004

SRPMS:
- 8/core/wpa_supplicant-2.9-8.2.mga8
- 8/core/hostapd-2.9-5.1.mga8
- 7/core/wpa_supplicant-2.9-1.5.mga7
- 7/core/hostapd-2.9-1.3.mga7

Mageia 2021-0254: wpa_supplicant, hostapd security update

The wpa_supplicant and hostapd packages are updated to fix a forging attacks that may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c

Summary

The wpa_supplicant and hostapd packages are updated to fix a forging attacks that may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. (CVE-2021-30004).

References

- https://bugs.mageia.org/show_bug.cgi?id=29046

- https://lists.opensuse.org/archives/list/security-anno[email protected]/thread/EXT3Y5NEGCCPGZ7FTYURPUBTHNNJA6MF/

- https://lists.opensuse.org/archives/list/security-anno[email protected]/thread/4XPNZHCXJ32COQGQ62HNGD6DHPO5E552/

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30004

Resolution

MGASA-2021-0254 - Updated wpa_supplicant, hostapd packages fix security vulnerability

SRPMS

- 8/core/wpa_supplicant-2.9-8.2.mga8

- 8/core/hostapd-2.9-5.1.mga8

- 7/core/wpa_supplicant-2.9-1.5.mga7

- 7/core/hostapd-2.9-1.3.mga7

Severity
Publication date: 13 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0254.html
Type: security
CVE: CVE-2021-30004

Related News

Linux Malware! Read This If You Use Free Download Manager

Sep 13, 2023

Has Linux Lost Its Security Edge?

Jun 27, 2023

Microsoft's CBL-Mariner 2.0 Linux Distribution Adds Clippy

Aug 4, 2023

Open Saucers Have Job Security

May 15, 2023

News

Advisories

HOWTOs

Features

Everything You Need to Know About Linux Proxy Servers
Simple Steps for Identifying & Troubleshooting a Kernel Panic
Linux Endpoint Detection and Response (EDR): A Crucial Part of a Successful Cybersecurity Strategy
Supercharging Linux: Tips & Tricks to Beat the Threat Landscape
LinuxSecurity.com Migrates to Joomla 4 and PHP 8: Our Experience & Key Takeaways

About Us

Powered By

Footer Logo

Feedback