In p2pcopyclient_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "27953088862501608363902232068580082871", "239874137859324499201315692976508883353", "133419836234293689097076431483329205039", "91759737128570643652395725378764883923", "41591529171382063936714124977847515994" ] }, "id": "ASB-A-172937525-679dcf59", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c" }, "signature_type": "Line" }, { "digest": { "length": 566.0, "function_hash": "100878999754899109193204500004704371025" }, "id": "ASB-A-172937525-c0500ad4", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c", "function": "p2p_copy_client_info" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80" ], "spl": "2021-02-01", "severity": "Critical", "types": [ "RCE" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "27953088862501608363902232068580082871", "239874137859324499201315692976508883353", "133419836234293689097076431483329205039", "91759737128570643652395725378764883923", "41591529171382063936714124977847515994" ] }, "id": "ASB-A-172937525-012af784", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c" }, "signature_type": "Line" }, { "digest": { "length": 566.0, "function_hash": "100878999754899109193204500004704371025" }, "id": "ASB-A-172937525-17f35892", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c", "function": "p2p_copy_client_info" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80" ], "spl": "2021-02-01", "severity": "Critical", "types": [ "RCE" ] }
{ "vanir_signatures": [ { "digest": { "length": 566.0, "function_hash": "100878999754899109193204500004704371025" }, "id": "ASB-A-172937525-05ec0ea0", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c", "function": "p2p_copy_client_info" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "27953088862501608363902232068580082871", "239874137859324499201315692976508883353", "133419836234293689097076431483329205039", "91759737128570643652395725378764883923", "41591529171382063936714124977847515994" ] }, "id": "ASB-A-172937525-7188901b", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80" ], "spl": "2021-02-01", "severity": "Critical", "types": [ "RCE" ] }
{ "vanir_signatures": [ { "digest": { "length": 566.0, "function_hash": "100878999754899109193204500004704371025" }, "id": "ASB-A-172937525-276db8a2", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c", "function": "p2p_copy_client_info" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "27953088862501608363902232068580082871", "239874137859324499201315692976508883353", "133419836234293689097076431483329205039", "91759737128570643652395725378764883923", "41591529171382063936714124977847515994" ] }, "id": "ASB-A-172937525-bcd20c16", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80" ], "spl": "2021-02-01", "severity": "Critical", "types": [ "RCE" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "27953088862501608363902232068580082871", "239874137859324499201315692976508883353", "133419836234293689097076431483329205039", "91759737128570643652395725378764883923", "41591529171382063936714124977847515994" ] }, "id": "ASB-A-172937525-5eb6c528", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c" }, "signature_type": "Line" }, { "digest": { "length": 566.0, "function_hash": "100878999754899109193204500004704371025" }, "id": "ASB-A-172937525-ce15f42c", "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80", "deprecated": false, "signature_version": "v1", "target": { "file": "src/p2p/p2p.c", "function": "p2p_copy_client_info" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/0b60cb210510c68871c8d735285bc4915de3bd80" ], "spl": "2021-02-01", "severity": "Critical", "types": [ "RCE" ] }