Security update for wpa_supplicant SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:0478-1 Final 1 1 2021-02-15T09:50:04Z current 2021-02-15T09:50:04Z 2021-02-15T09:50:04Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for wpa_supplicant This update for wpa_supplicant fixes the following issues: - CVE-2021-0326: P2P group information processing vulnerability (bsc#1181777). - CVE-2019-16275: AP mode PMF disconnection protection bypass (bsc#1150934) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). HPE-Helion-OpenStack-8-2021-478,SUSE-2021-478,SUSE-OpenStack-Cloud-7-2021-478,SUSE-OpenStack-Cloud-8-2021-478,SUSE-OpenStack-Cloud-9-2021-478,SUSE-OpenStack-Cloud-Crowbar-8-2021-478,SUSE-OpenStack-Cloud-Crowbar-9-2021-478,SUSE-SLE-SAP-12-SP2-2021-478,SUSE-SLE-SAP-12-SP3-2021-478,SUSE-SLE-SAP-12-SP4-2021-478,SUSE-SLE-SERVER-12-SP2-2021-478,SUSE-SLE-SERVER-12-SP2-BCL-2021-478,SUSE-SLE-SERVER-12-SP3-2021-478,SUSE-SLE-SERVER-12-SP3-BCL-2021-478,SUSE-SLE-SERVER-12-SP4-LTSS-2021-478 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20210478-1/ Link for SUSE-SU-2021:0478-1 https://lists.suse.com/pipermail/sle-security-updates/2021-February/008327.html E-Mail link for SUSE-SU-2021:0478-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1150934 SUSE Bug 1150934 https://bugzilla.suse.com/1181777 SUSE Bug 1181777 https://www.suse.com/security/cve/CVE-2019-16275/ SUSE CVE CVE-2019-16275 page https://www.suse.com/security/cve/CVE-2021-0326/ SUSE CVE CVE-2021-0326 page HPE Helion OpenStack 8 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 wpa_supplicant-2.6-15.13.1 wpa_supplicant-gui-2.6-15.13.1 wpa_supplicant-2.6-15.13.1 as a component of HPE Helion OpenStack 8 wpa_supplicant-2.6-15.13.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL wpa_supplicant-2.6-15.13.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS wpa_supplicant-2.6-15.13.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL wpa_supplicant-2.6-15.13.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS wpa_supplicant-2.6-15.13.1 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS wpa_supplicant-2.6-15.13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 wpa_supplicant-2.6-15.13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 wpa_supplicant-2.6-15.13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 wpa_supplicant-2.6-15.13.1 as a component of SUSE OpenStack Cloud 7 wpa_supplicant-2.6-15.13.1 as a component of SUSE OpenStack Cloud 8 wpa_supplicant-2.6-15.13.1 as a component of SUSE OpenStack Cloud 9 wpa_supplicant-2.6-15.13.1 as a component of SUSE OpenStack Cloud Crowbar 8 wpa_supplicant-2.6-15.13.1 as a component of SUSE OpenStack Cloud Crowbar 9 hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range. CVE-2019-16275 HPE Helion OpenStack 8:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP2-BCL:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP2-LTSS:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP3-BCL:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP3-LTSS:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP4-LTSS:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud 7:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud 8:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud 9:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud Crowbar 8:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud Crowbar 9:wpa_supplicant-2.6-15.13.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210478-1/ https://www.suse.com/security/cve/CVE-2019-16275.html CVE-2019-16275 https://bugzilla.suse.com/1150934 SUSE Bug 1150934 In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525 CVE-2021-0326 HPE Helion OpenStack 8:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP2-BCL:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP2-LTSS:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP3-BCL:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP3-LTSS:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server 12 SP4-LTSS:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:wpa_supplicant-2.6-15.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud 7:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud 8:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud 9:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud Crowbar 8:wpa_supplicant-2.6-15.13.1 SUSE OpenStack Cloud Crowbar 9:wpa_supplicant-2.6-15.13.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210478-1/ https://www.suse.com/security/cve/CVE-2021-0326.html CVE-2021-0326 https://bugzilla.suse.com/1181777 SUSE Bug 1181777