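In addGroupWithConfigInternal of p2p_iface.cpp, there is a possible out-of-bounds read due to unsafe deserialization. This could lead to local information disclosure, with System execution privileges needed. User interaction is not needed for exploitation. The two records below each list a fix commit in platform/external/wpa_supplicant_8 and security patch level 2023-06-01; their signatures target functions in wpa_supplicant/aidl/sta_iface.cpp as well as p2p_iface.cpp, which suggests the fix commits touch more than the one function named here.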
{ "types": [ "ID" ], "severity": "Moderate", "vanir_signatures": [ { "digest": { "function_hash": "302268144275723282215237474613964667341", "length": 424.0 }, "id": "PUB-A-262235736-47b0e1ac", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateHs20IconQueryInternal" } }, { "digest": { "function_hash": "257355276165712963944831835492749907205", "length": 1567.0 }, "id": "PUB-A-262235736-5cd64147", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/p2p_iface.cpp", "function": "P2pIface::addGroupWithConfigInternal" } }, { "digest": { "function_hash": "187077103001751572314279034052689728383", "length": 286.0 }, "id": "PUB-A-262235736-6d5fa3db", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::startWpsRegistrarInternal" } }, { "digest": { "function_hash": "59139949819330265023457171034052804893", "length": 397.0 }, "id": "PUB-A-262235736-8c1a6e95", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateTdlsDiscoverInternal" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "282443825160230321450963843298545080728", "240013557668857853334420540261787923890", 
"62429178238551276205184415105404761893", "46560374957961384603586640630652171945", "336419216446644093182773684234698415035", "327041791035341145435564724994982404898", "78343065902290284737465664672312973572", "255724180623786242402920462074245142357" ] }, "id": "PUB-A-262235736-8e3c7fd2", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Line", "target": { "file": "wpa_supplicant/aidl/p2p_iface.cpp" } }, { "digest": { "function_hash": "270479948021175522507269756789778107231", "length": 478.0 }, "id": "PUB-A-262235736-b0a148ea", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateTdlsTeardownInternal" } }, { "digest": { "function_hash": "23404326539921386207545272978027900169", "length": 1417.0 }, "id": "PUB-A-262235736-b3186f45", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::generateDppBootstrapInfoForResponderInternal" } }, { "digest": { "function_hash": "8104615961089294009968361479877306241", "length": 444.0 }, "id": "PUB-A-262235736-b3d70c20", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::setCountryCodeInternal" } }, { "digest": { "function_hash": "9612674215676627984640536271814398902", "length": 461.0 }, "id": 
"PUB-A-262235736-b64d3488", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateTdlsSetupInternal" } }, { "digest": { "function_hash": "57178098856143511217138945353437811603", "length": 428.0 }, "id": "PUB-A-262235736-b862ad89", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::startWpsPinDisplayInternal" } }, { "digest": { "function_hash": "291459334106095460708774590590163935140", "length": 303.0 }, "id": "PUB-A-262235736-cfb25b2f", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateVenueUrlAnqpQueryInternal" } }, { "digest": { "function_hash": "222888601949521659693169645706244661099", "length": 672.0 }, "id": "PUB-A-262235736-d48eb61f", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateAnqpQueryInternal" } }, { "digest": { "function_hash": "251277092963258719819988234584216547557", "length": 537.0 }, "id": "PUB-A-262235736-e6ded3c4", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": 
"Function", "target": { "file": "wpa_supplicant/aidl/p2p_iface.cpp", "function": "P2pIface::provisionDiscoveryInternal" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "108313089334327937595636589997524737905", "66840887000484404323921320035452788215", "219717861291424890984424019376547388571", "44896243708100406615835794888652299551", "108313089334327937595636589997524737905", "66840887000484404323921320035452788215", "119966804988596060753854524323008774240", "153604098853226158544591461503264384829", "108313089334327937595636589997524737905", "66840887000484404323921320035452788215", "119966804988596060753854524323008774240", "153604098853226158544591461503264384829", "213776302724071626336886735033271865367", "111127769627793226434270712715727975740", "185587857298398648800638886100378496896", "11051987560156314982525484614039640730", "138136018535094028760656810696393132256", "242559769715913450717656652795026906173", "220163884289595045272493767027284266292", "186159613295524858348311536973943924232", "97920612003950030480333138944478168364", "106416219480024751751259025809335167026", "98678616116437698904132115913139234778", "262093932907482226702908105462070957040", "179785536207578963771599860683453035709", "306454131221479826909148403651925784495", "94508611683518420978877184414880182032", "198629720058014996525008381472581916452", "83757367880493119121683389931198569683", "31274133583577273158273533047343986777", "19101203741728346271706693008717644004", "210125636254096168817574411616794081904", "321029893561082877086623895468503904177", "74013402360008246287580570831392352661", "140269204791012767623566618777651021530", "123308398843050064060681011537122893696", "265977110554366842733255150657799530232", "74013402360008246287580570831392352661", "140269204791012767623566618777651021530", "108028509933157452795677691037514741083", "16645525397261761350351177096480169880", "257760521617479987513025030407880082978", 
"14183314491399266848601277807740484092" ] }, "id": "PUB-A-262235736-eba4b300", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Line", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp" } }, { "digest": { "function_hash": "264951205164416993651860207899884527381", "length": 304.0 }, "id": "PUB-A-262235736-fdcf15c9", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::startWpsPbcInternal" } } ], "fixes": [ "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20" ], "spl": "2023-06-01" }
{ "types": [ "ID" ], "severity": "Moderate", "vanir_signatures": [ { "digest": { "function_hash": "291459334106095460708774590590163935140", "length": 303.0 }, "id": "PUB-A-262235736-09febb75", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateVenueUrlAnqpQueryInternal" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "282443825160230321450963843298545080728", "240013557668857853334420540261787923890", "62429178238551276205184415105404761893", "46560374957961384603586640630652171945", "215639982946050837374262497398422649208", "88542317988287961840380036956813897270", "268742349020284817160466135871177099621" ] }, "id": "PUB-A-262235736-0f4b1181", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Line", "target": { "file": "wpa_supplicant/aidl/p2p_iface.cpp" } }, { "digest": { "function_hash": "187077103001751572314279034052689728383", "length": 286.0 }, "id": "PUB-A-262235736-2269668f", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::startWpsRegistrarInternal" } }, { "digest": { "function_hash": "8104615961089294009968361479877306241", "length": 444.0 }, "id": "PUB-A-262235736-60af6251", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": 
"StaIface::setCountryCodeInternal" } }, { "digest": { "function_hash": "59139949819330265023457171034052804893", "length": 397.0 }, "id": "PUB-A-262235736-6ccb687f", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateTdlsDiscoverInternal" } }, { "digest": { "function_hash": "302268144275723282215237474613964667341", "length": 424.0 }, "id": "PUB-A-262235736-72a47bd7", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateHs20IconQueryInternal" } }, { "digest": { "function_hash": "222888601949521659693169645706244661099", "length": 672.0 }, "id": "PUB-A-262235736-75a895db", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateAnqpQueryInternal" } }, { "digest": { "function_hash": "118019735852887394048568976088613166868", "length": 3553.0 }, "id": "PUB-A-262235736-87c6351a", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/p2p_iface.cpp", "function": "P2pIface::addGroupWithConfigInternal" } }, { "digest": { "function_hash": "9612674215676627984640536271814398902", "length": 461.0 }, "id": "PUB-A-262235736-91016366", "deprecated": false, "source": 
"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateTdlsSetupInternal" } }, { "digest": { "function_hash": "251277092963258719819988234584216547557", "length": 537.0 }, "id": "PUB-A-262235736-ca91f56d", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/p2p_iface.cpp", "function": "P2pIface::provisionDiscoveryInternal" } }, { "digest": { "function_hash": "23404326539921386207545272978027900169", "length": 1417.0 }, "id": "PUB-A-262235736-d3d2958c", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::generateDppBootstrapInfoForResponderInternal" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "108313089334327937595636589997524737905", "66840887000484404323921320035452788215", "219717861291424890984424019376547388571", "44896243708100406615835794888652299551", "108313089334327937595636589997524737905", "66840887000484404323921320035452788215", "119966804988596060753854524323008774240", "153604098853226158544591461503264384829", "108313089334327937595636589997524737905", "66840887000484404323921320035452788215", "119966804988596060753854524323008774240", "153604098853226158544591461503264384829", "213776302724071626336886735033271865367", "111127769627793226434270712715727975740", "185587857298398648800638886100378496896", "11051987560156314982525484614039640730", "138136018535094028760656810696393132256", 
"242559769715913450717656652795026906173", "220163884289595045272493767027284266292", "186159613295524858348311536973943924232", "97920612003950030480333138944478168364", "106416219480024751751259025809335167026", "98678616116437698904132115913139234778", "262093932907482226702908105462070957040", "179785536207578963771599860683453035709", "306454131221479826909148403651925784495", "94508611683518420978877184414880182032", "198629720058014996525008381472581916452", "83757367880493119121683389931198569683", "31274133583577273158273533047343986777", "19101203741728346271706693008717644004", "210125636254096168817574411616794081904", "321029893561082877086623895468503904177", "74013402360008246287580570831392352661", "140269204791012767623566618777651021530", "123308398843050064060681011537122893696", "265977110554366842733255150657799530232", "74013402360008246287580570831392352661", "140269204791012767623566618777651021530", "108028509933157452795677691037514741083", "16645525397261761350351177096480169880", "257760521617479987513025030407880082978", "14183314491399266848601277807740484092" ] }, "id": "PUB-A-262235736-d5cd277c", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Line", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp" } }, { "digest": { "function_hash": "57178098856143511217138945353437811603", "length": 428.0 }, "id": "PUB-A-262235736-e5ba3c5e", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::startWpsPinDisplayInternal" } }, { "digest": { "function_hash": "270479948021175522507269756789778107231", "length": 478.0 }, "id": "PUB-A-262235736-f3ec27a3", "deprecated": false, 
"source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::initiateTdlsTeardownInternal" } }, { "digest": { "function_hash": "264951205164416993651860207899884527381", "length": 304.0 }, "id": "PUB-A-262235736-fa57f73f", "deprecated": false, "source": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d", "signature_version": "v1", "signature_type": "Function", "target": { "file": "wpa_supplicant/aidl/sta_iface.cpp", "function": "StaIface::startWpsPbcInternal" } } ], "fixes": [ "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d" ], "spl": "2023-06-01" }