aboutsummaryrefslogtreecommitdiff
path: root/package/slirp/slirp.mk
diff options
context:
space:
mode:
authorGravatar Peter Korsgaard <peter@korsgaard.com>2021-03-02 22:59:43 +0100
committerGravatar Yann E. MORIN <yann.morin.1998@free.fr>2021-03-02 23:11:25 +0100
commit9ada4eb2f1c3d67ee49f6f5466738bcd821fc647 (patch)
treedf74d1b70f582c9dcaa3eaed42961f1e98c8d121 /package/slirp/slirp.mk
parentb33f74823e70f073128762c86e1a8e83ac10d3e1 (diff)
downloadbuildroot-9ada4eb2f1c3d67ee49f6f5466738bcd821fc647.tar.gz
buildroot-9ada4eb2f1c3d67ee49f6f5466738bcd821fc647.tar.bz2
package/wpa_supplicant: add upstream 2021-1 security fix
Fixes the following security issue: - wpa_supplicant P2P provision discovery processing vulnerability (no CVE yet) A vulnerability was discovered in how wpa_supplicant processes P2P (Wi-Fi Direct) provision discovery requests. Under a corner case condition, an invalid Provision Discovery Request frame could end up reaching a state where the oldest peer entry needs to be removed. With a suitably constructed invalid frame, this could result in use (read+write) of freed memory. This can result in an attacker within radio range of the device running P2P discovery being able to cause unexpected behavior, including termination of the wpa_supplicant process and potentially code execution. For more details, see the advisory: https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt Signed-off-by: Peter Korsgaard <peter@korsgaard.com> [yann.morin.1998@free.fr: actually add the patch URL to the patch list] Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Diffstat (limited to 'package/slirp/slirp.mk')
0 files changed, 0 insertions, 0 deletions