PUB-A-257029965
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-257029965.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-257029965
- Aliases
-
- A-257029965
- CVE-2023-21007
- Published
- 2023-03-01T00:00:00Z
- Modified
- 2025-10-24T15:26:23.750784Z
- Summary
- [none]
- Details
-
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/external/wpa_supplicant_8
Package
Ecosystem specific
{
"types": [
"ID"
],
"spl": "2023-03-01",
"severity": "Moderate",
"vanir_signatures": [
{
"id": "PUB-A-257029965-0a8c4821",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 614.0,
"function_hash": "321852342026563429884403549989806801952"
},
"target": {
"function": "P2pIface::startWpsPbcInternal",
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
},
{
"id": "PUB-A-257029965-2965c088",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 446.0,
"function_hash": "29179256213046456462594588623743637026"
},
"target": {
"function": "forceStaDisconnection",
"file": "hostapd/aidl/hostapd.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
},
{
"id": "PUB-A-257029965-2cbd9ccb",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 325.0,
"function_hash": "304862919695512685028025756866522332424"
},
"target": {
"function": "P2pIface::inviteInternal",
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
},
{
"id": "PUB-A-257029965-489bf3a3",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 365.0,
"function_hash": "105121558410630898602723282192200942124"
},
"target": {
"function": "P2pIface::rejectInternal",
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
},
{
"id": "PUB-A-257029965-57375273",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 251.0,
"function_hash": "165644971505095779920820179878423993244"
},
"target": {
"function": "P2pIface::setWpsDeviceTypeInternal",
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
},
{
"id": "PUB-A-257029965-7ece4782",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"267784770891736363066927136612262349887",
"251119640472696813808502630417277114110",
"82110769310425997029204339493250401355",
"50475380231930713199785725201057620340",
"117535896916156094233286197900322919659",
"305411529120477989096449133081981932240",
"175316613001679079756792936158995319075",
"304168399375420457179973043767459316325",
"40019295012450855165098072256238979794",
"335187921316862049506562351165002668482",
"259081564332439928802798901171903525727",
"9732878835770249696709646023731311730",
"275811131070210573826463343486145969297",
"157113327393829499510262926583904162879",
"181249693934510422258163493743879363201",
"97005296337405995567594539036529604499",
"158384647006094347256356500632331610673",
"263994662989655310059369804605474548759",
"324055926978466222262557302222317154651",
"253833181553165017550852354711710459332",
"150746296075692643819997638310239810716",
"98601117521964660950153415334672809233",
"198188078172716288461372056266597630544",
"15393108041217713004751889752394632131",
"292553076914462153722496176872880358597",
"294557981524759452744623972639589290697",
"83892416304764298960799743091325537521",
"275073322083899950601872083159217740780",
"40512993659853455619510829228555300586",
"17977162063296299066537110999155931360",
"93204688945369482874500701513935165973",
"316997951960481979695553208697051609020",
"179875974771643563460257506608600983528",
"196736917957622710347204079851300383838",
"20645197384023624604134820496671552772",
"77805595769428866870884741026909964032"
],
"threshold": 0.9
},
"target": {
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Line"
},
{
"id": "PUB-A-257029965-8653098e",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1218.0,
"function_hash": "98746799185180776980817094450727189037"
},
"target": {
"function": "P2pIface::connectInternal",
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
},
{
"id": "PUB-A-257029965-90938099",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 188.0,
"function_hash": "225275501161322564484505173642441533658"
},
"target": {
"function": "P2pIface::removeClientInternal",
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
},
{
"id": "PUB-A-257029965-a0fe96d7",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 554.0,
"function_hash": "133277480177628379853410026512500202711"
},
"target": {
"function": "P2pIface::startWpsPinDisplayInternal",
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
},
{
"id": "PUB-A-257029965-ab71f8bd",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 551.0,
"function_hash": "193857294644734896375745334057554887551"
},
"target": {
"function": "P2pIface::requestServiceDiscoveryInternal",
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
},
{
"id": "PUB-A-257029965-bae958d8",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"67951725967581734224581204460881356359",
"25793791760192224148385652534407511059",
"286624069498036483250569919336037813248",
"132743282911492767411658978302634935581"
],
"threshold": 0.9
},
"target": {
"file": "hostapd/aidl/hostapd.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Line"
},
{
"id": "PUB-A-257029965-d7052804",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 617.0,
"function_hash": "265940483599719600156885895185499531991"
},
"target": {
"function": "P2pIface::reinvokeInternal",
"file": "wpa_supplicant/aidl/p2p_iface.cpp"
},
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33",
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33"
]
}