Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 503
Alerts This Week
Warning Icon 1 503

Ubuntu 20.10 USN-4757-1 High: wpa_supplicant Denial Of Service

ubuntu
Calendar Grey March 3, 2021
Dist Ubuntu Esm H88
Ubuntu Security Advisory USN-4758-1 details a vulnerability in NetworkManager that could lead to a denial of service or arbitrary code execution when processing network packets.
wpa_supplicant could be made to crash or run programs if it received specially crafted network traffic.

Summary

wpa_supplicant could be made to crash or run programs if it received

specially crafted network traffic.

Software Description:

- wpa: client support for WPA and WPA2

Details:

It was discovered that wpa_supplicant did not properly handle P2P

(Wi-Fi Direct) provision discovery requests in some situations. A

physically proximate attacker could use this to cause a denial of service

or possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
  wpasupplicant                   2:2.9-1ubuntu8.2

Ubuntu 20.04 LTS:
  wpasupplicant                   2:2.9-1ubuntu4.3

Ubuntu 18.04 LTS:
  wpasupplicant                   2:2.6-15ubuntu2.8

Ubuntu 16.04 LTS:
  wpasupplicant                   2.4-0ubuntu6.8

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2021-27803

Severity
important
Lowest
Low
Medium
High
Critical

March 03, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.