Debian Security Advisory
DLA-2581-1 wpa -- LTS security update
- Date Reported:
- 03 Mar 2021
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2021-27803.
- More information:
A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range.
For Debian 9 stretch, this problem has been fixed in version 2:2.4-1+deb9u9.
We recommend that you upgrade your wpa packages.
For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wpa
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS