{"id":"PUB-A-262235951","details":"In initiateTdlsTeardownInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-262235951","CVE-2023-21213"],"modified":"2026-04-13T15:04:09.269232Z","published":"2023-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-06-01"}],"affected":[{"package":{"name":"platform/external/wpa_supplicant_8","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-06-01"}]}],"versions":["13-next"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20"],"types":["ID"],"spl":"2023-06-01","vanir_signatures":[{"digest":{"length":424,"function_hash":"302268144275723282215237474613964667341"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-47b0e1ac","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateHs20IconQueryInternal"},"deprecated":false},{"digest":{"length":1567,"function_hash":"257355276165712963944831835492749907205"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-5cd64147","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/p2p_iface.cpp","function":"P2pIface::addGroupWithConfigInternal"},"deprecated":false},{"digest":{"length":286,"function_hash":"187077103001751572314279034052689728383"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-6d5fa3db","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::startWpsRegistrarInternal"},"deprecated":false},{"digest":{"length":397,"function_hash":"59139949819330265023457171034052804893"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-8c1a6e95","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateTdlsDiscoverInternal"},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["282443825160230321450963843298545080728","240013557668857853334420540261787923890","62429178238551276205184415105404761893","46560374957961384603586640630652171945","336419216446644093182773684234698415035","327041791035341145435564724994982404898","78343065902290284737465664672312973572","255724180623786242402920462074245142357"]},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-8e3c7fd2","signature_type":"Line","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/p2p_iface.cpp"},"deprecated":false},{"digest":{"length":478,"function_hash":"270479948021175522507269756789778107231"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-b0a148ea","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateTdlsTeardownInternal"},"deprecated":false},{"digest":{"length":1417,"function_hash":"23404326539921386207545272978027900169"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-b3186f45","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::generateDppBootstrapInfoForResponderInternal"},"deprecated":false},{"digest":{"length":444,"function_hash":"8104615961089294009968361479877306241"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-b3d70c20","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::setCountryCodeInternal"},"deprecated":false},{"digest":{"length":461,"function_hash":"9612674215676627984640536271814398902"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-b64d3488","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateTdlsSetupInternal"},"deprecated":false},{"digest":{"length":428,"function_hash":"57178098856143511217138945353437811603"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-b862ad89","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::startWpsPinDisplayInternal"},"deprecated":false},{"digest":{"length":303,"function_hash":"291459334106095460708774590590163935140"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-cfb25b2f","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateVenueUrlAnqpQueryInternal"},"deprecated":false},{"digest":{"length":672,"function_hash":"222888601949521659693169645706244661099"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-d48eb61f","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateAnqpQueryInternal"},"deprecated":false},{"digest":{"length":537,"function_hash":"251277092963258719819988234584216547557"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-e6ded3c4","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/p2p_iface.cpp","function":"P2pIface::provisionDiscoveryInternal"},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["108313089334327937595636589997524737905","66840887000484404323921320035452788215","219717861291424890984424019376547388571","44896243708100406615835794888652299551","108313089334327937595636589997524737905","66840887000484404323921320035452788215","119966804988596060753854524323008774240","153604098853226158544591461503264384829","108313089334327937595636589997524737905","66840887000484404323921320035452788215","119966804988596060753854524323008774240","153604098853226158544591461503264384829","213776302724071626336886735033271865367","111127769627793226434270712715727975740","185587857298398648800638886100378496896","11051987560156314982525484614039640730","138136018535094028760656810696393132256","242559769715913450717656652795026906173","220163884289595045272493767027284266292","186159613295524858348311536973943924232","97920612003950030480333138944478168364","106416219480024751751259025809335167026","98678616116437698904132115913139234778","262093932907482226702908105462070957040","179785536207578963771599860683453035709","306454131221479826909148403651925784495","94508611683518420978877184414880182032","198629720058014996525008381472581916452","83757367880493119121683389931198569683","31274133583577273158273533047343986777","19101203741728346271706693008717644004","210125636254096168817574411616794081904","321029893561082877086623895468503904177","74013402360008246287580570831392352661","140269204791012767623566618777651021530","123308398843050064060681011537122893696","265977110554366842733255150657799530232","74013402360008246287580570831392352661","140269204791012767623566618777651021530","108028509933157452795677691037514741083","16645525397261761350351177096480169880","257760521617479987513025030407880082978","14183314491399266848601277807740484092"]},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-eba4b300","signature_type":"Line","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp"},"deprecated":false},{"digest":{"length":304,"function_hash":"264951205164416993651860207899884527381"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/40e0dc8763a833a0bfe835843000f644be48ca20","id":"PUB-A-262235951-fdcf15c9","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::startWpsPbcInternal"},"deprecated":false}],"severity":"Moderate"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-262235951.json"}},{"package":{"name":"platform/external/wpa_supplicant_8","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-06-01"}]}],"versions":["13"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d"],"types":["ID"],"spl":"2023-06-01","vanir_signatures":[{"digest":{"length":303,"function_hash":"291459334106095460708774590590163935140"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-09febb75","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateVenueUrlAnqpQueryInternal"},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["282443825160230321450963843298545080728","240013557668857853334420540261787923890","62429178238551276205184415105404761893","46560374957961384603586640630652171945","215639982946050837374262497398422649208","88542317988287961840380036956813897270","268742349020284817160466135871177099621"]},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-0f4b1181","signature_type":"Line","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/p2p_iface.cpp"},"deprecated":false},{"digest":{"length":286,"function_hash":"187077103001751572314279034052689728383"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-2269668f","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::startWpsRegistrarInternal"},"deprecated":false},{"digest":{"length":444,"function_hash":"8104615961089294009968361479877306241"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-60af6251","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::setCountryCodeInternal"},"deprecated":false},{"digest":{"length":397,"function_hash":"59139949819330265023457171034052804893"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-6ccb687f","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateTdlsDiscoverInternal"},"deprecated":false},{"digest":{"length":424,"function_hash":"302268144275723282215237474613964667341"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-72a47bd7","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateHs20IconQueryInternal"},"deprecated":false},{"digest":{"length":672,"function_hash":"222888601949521659693169645706244661099"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-75a895db","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateAnqpQueryInternal"},"deprecated":false},{"digest":{"length":3553,"function_hash":"118019735852887394048568976088613166868"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-87c6351a","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/p2p_iface.cpp","function":"P2pIface::addGroupWithConfigInternal"},"deprecated":false},{"digest":{"length":461,"function_hash":"9612674215676627984640536271814398902"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-91016366","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateTdlsSetupInternal"},"deprecated":false},{"digest":{"length":537,"function_hash":"251277092963258719819988234584216547557"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-ca91f56d","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/p2p_iface.cpp","function":"P2pIface::provisionDiscoveryInternal"},"deprecated":false},{"digest":{"length":1417,"function_hash":"23404326539921386207545272978027900169"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-d3d2958c","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::generateDppBootstrapInfoForResponderInternal"},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["108313089334327937595636589997524737905","66840887000484404323921320035452788215","219717861291424890984424019376547388571","44896243708100406615835794888652299551","108313089334327937595636589997524737905","66840887000484404323921320035452788215","119966804988596060753854524323008774240","153604098853226158544591461503264384829","108313089334327937595636589997524737905","66840887000484404323921320035452788215","119966804988596060753854524323008774240","153604098853226158544591461503264384829","213776302724071626336886735033271865367","111127769627793226434270712715727975740","185587857298398648800638886100378496896","11051987560156314982525484614039640730","138136018535094028760656810696393132256","242559769715913450717656652795026906173","220163884289595045272493767027284266292","186159613295524858348311536973943924232","97920612003950030480333138944478168364","106416219480024751751259025809335167026","98678616116437698904132115913139234778","262093932907482226702908105462070957040","179785536207578963771599860683453035709","306454131221479826909148403651925784495","94508611683518420978877184414880182032","198629720058014996525008381472581916452","83757367880493119121683389931198569683","31274133583577273158273533047343986777","19101203741728346271706693008717644004","210125636254096168817574411616794081904","321029893561082877086623895468503904177","74013402360008246287580570831392352661","140269204791012767623566618777651021530","123308398843050064060681011537122893696","265977110554366842733255150657799530232","74013402360008246287580570831392352661","140269204791012767623566618777651021530","108028509933157452795677691037514741083","16645525397261761350351177096480169880","257760521617479987513025030407880082978","14183314491399266848601277807740484092"]},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-d5cd277c","signature_type":"Line","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp"},"deprecated":false},{"digest":{"length":428,"function_hash":"57178098856143511217138945353437811603"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-e5ba3c5e","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::startWpsPinDisplayInternal"},"deprecated":false},{"digest":{"length":478,"function_hash":"270479948021175522507269756789778107231"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-f3ec27a3","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::initiateTdlsTeardownInternal"},"deprecated":false},{"digest":{"length":304,"function_hash":"264951205164416993651860207899884527381"},"source":"https://android.googlesource.com/platform/external/wpa_supplicant_8/+/ad44735f2ab69415240127d6590e34615c4b718d","id":"PUB-A-262235951-fa57f73f","signature_type":"Function","signature_version":"v1","target":{"file":"wpa_supplicant/aidl/sta_iface.cpp","function":"StaIface::startWpsPbcInternal"},"deprecated":false}],"severity":"Moderate"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-262235951.json"}}],"schema_version":"1.7.5"}