{"id":"PUB-A-257030027","details":"In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-257030027","CVE-2023-21006"],"modified":"2026-05-01T15:24:27.653932Z","published":"2023-03-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-03-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33"}],"affected":[{"package":{"name":"platform/external/wpa_supplicant_8","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-03-01"}]}],"versions":["13"],"ecosystem_specific":{"vanir_signatures":[{"signature_type":"Function","signature_version":"v1","target":{"function":"P2pIface::startWpsPbcInternal","file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"321852342026563429884403549989806801952","length":614},"id":"PUB-A-257030027-0a8c4821","deprecated":false},{"signature_type":"Function","signature_version":"v1","target":{"function":"forceStaDisconnection","file":"hostapd/aidl/hostapd.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"29179256213046456462594588623743637026","length":446},"id":"PUB-A-257030027-2965c088","deprecated":false},{"signature_type":"Function","signature_version":"v1","target":{"function":"P2pIface::inviteInternal","file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"304862919695512685028025756866522332424","length":325},"id":"PUB-A-257030027-2cbd9ccb","deprecated":false},{"signature_type":"Function","signature_version":"v1","target":{"function":"P2pIface::rejectInternal","file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"105121558410630898602723282192200942124","length":365},"id":"PUB-A-257030027-489bf3a3","deprecated":false},{"signature_type":"Function","signature_version":"v1","target":{"function":"P2pIface::setWpsDeviceTypeInternal","file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"165644971505095779920820179878423993244","length":251},"id":"PUB-A-257030027-57375273","deprecated":false},{"signature_type":"Line","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"threshold":0.9,"line_hashes":["267784770891736363066927136612262349887","251119640472696813808502630417277114110","82110769310425997029204339493250401355","50475380231930713199785725201057620340","117535896916156094233286197900322919659","305411529120477989096449133081981932240","175316613001679079756792936158995319075","304168399375420457179973043767459316325","40019295012450855165098072256238979794","335187921316862049506562351165002668482","259081564332439928802798901171903525727","9732878835770249696709646023731311730","275811131070210573826463343486145969297","157113327393829499510262926583904162879","181249693934510422258163493743879363201","97005296337405995567594539036529604499","158384647006094347256356500632331610673","263994662989655310059369804605474548759","324055926978466222262557302222317154651","253833181553165017550852354711710459332","150746296075692643819997638310239810716","98601117521964660950153415334672809233","198188078172716288461372056266597630544","15393108041217713004751889752394632131","292553076914462153722496176872880358597","294557981524759452744623972639589290697","83892416304764298960799743091325537521","275073322083899950601872083159217740780","40512993659853455619510829228555300586","17977162063296299066537110999155931360","93204688945369482874500701513935165973","316997951960481979695553208697051609020","179875974771643563460257506608600983528","196736917957622710347204079851300383838","20645197384023624604134820496671552772","77805595769428866870884741026909964032"]},"id":"PUB-A-257030027-7ece4782","deprecated":false},{"signature_type":"Function","signature_version":"v1","target":{"function":"P2pIface::connectInternal","file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"98746799185180776980817094450727189037","length":1218},"id":"PUB-A-257030027-8653098e","deprecated":false},{"signature_type":"Function","signature_version":"v1","target":{"function":"P2pIface::removeClientInternal","file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"225275501161322564484505173642441533658","length":188},"id":"PUB-A-257030027-90938099","deprecated":false},{"signature_type":"Function","signature_version":"v1","target":{"function":"P2pIface::startWpsPinDisplayInternal","file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"133277480177628379853410026512500202711","length":554},"id":"PUB-A-257030027-a0fe96d7","deprecated":false},{"signature_type":"Function","signature_version":"v1","target":{"function":"P2pIface::requestServiceDiscoveryInternal","file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"193857294644734896375745334057554887551","length":551},"id":"PUB-A-257030027-ab71f8bd","deprecated":false},{"signature_type":"Line","signature_version":"v1","target":{"file":"hostapd/aidl/hostapd.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"threshold":0.9,"line_hashes":["67951725967581734224581204460881356359","25793791760192224148385652534407511059","286624069498036483250569919336037813248","132743282911492767411658978302634935581"]},"id":"PUB-A-257030027-bae958d8","deprecated":false},{"signature_type":"Function","signature_version":"v1","target":{"function":"P2pIface::reinvokeInternal","file":"wpa_supplicant/aidl/p2p_iface.cpp"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33","digest":{"function_hash":"265940483599719600156885895185499531991","length":617},"id":"PUB-A-257030027-d7052804","deprecated":false}],"spl":"2023-03-01","fixes":["https://android.googlesource.com/platform/external/wpa_supplicant_8/+/73b889335132164fdb87c5d8ebccad1bd5620b33"],"types":["ID"],"severity":"Moderate"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-257030027.json"}}],"schema_version":"1.7.5"}