Commit b32b671b authored Apr 08, 2021 by Stefan Ghinea Committed by Richard Purdie Apr 18, 2021

wpa-supplicant: fix CVE-2021-30004

In wpa_supplicant and hostapd 2.9, forging attacks may occur because
AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and
tls/x509v3.c.

References:
https://nvd.nist.gov/vuln/detail/CVE-2021-30004

Upstream patches:
https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15



Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

parent 5165d2e3

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 30cf99e9
· Apr 24, 2021

mentioned in commit 30cf99e9

mentioned in commit 30cf99e92f4ccaa13a685c987b3b77aeb966d7f7

Toggle commit list
mirror @mirror
mentioned in commit 470e4af4
· May 01, 2021

mentioned in commit 470e4af4

mentioned in commit 470e4af4c3a23eaafbd413722fdbfee5ad9e5be9

Toggle commit list
mirror @mirror
mentioned in commit decf95ad
· May 01, 2021

mentioned in commit decf95ad

mentioned in commit decf95ad84a38b86e4e9f86a78f76535f4f22d4f

Toggle commit list

Please register or to comment