eeb26cf52c
Latest version available from: https://w1.fi/security/2021-1/ Vulnerability A vulnerability was discovered in how wpa_supplicant processes P2P (Wi-Fi Direct) provision discovery requests. Under a corner case condition, an invalid Provision Discovery Request frame could end up reaching a state where the oldest peer entry needs to be removed. With a suitably constructed invalid frame, this could result in use (read+write) of freed memory. This can result in an attacker within radio range of the device running P2P discovery being able to cause unexpected behavior, including termination of the wpa_supplicant process and potentially code execution. Vulnerable versions/configurations wpa_supplicant v1.0-v2.9 with CONFIG_P2P build option enabled An attacker (or a system controlled by the attacker) needs to be within radio range of the vulnerable system to send a set of suitably constructed management frames that trigger the corner case to be reached in the management of the P2P peer table. Note: FreeBSD base does not enable P2P.
FreeBSD Source:
This is the top level of the FreeBSD source directory.
FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices.
For copyright information, please see the file COPYRIGHT in this directory. Additional copyright information also exists for some sources in this tree - please see the specific source directories for more information.
The Makefile in this directory supports a number of targets for building components (or all) of the FreeBSD source tree. See build(7), config(8), FreeBSD handbook on building userland, and Handbook for kernels for more information, including setting make(1) variables.
Source Roadmap:
| Directory | Description |
|---|---|
| bin | System/user commands. |
| cddl | Various commands and libraries under the Common Development and Distribution License. |
| contrib | Packages contributed by 3rd parties. |
| crypto | Cryptography stuff (see crypto/README). |
| etc | Template files for /etc. |
| gnu | Various commands and libraries under the GNU Public License. Please see gnu/COPYING and gnu/COPYING.LIB for more information. |
| include | System include files. |
| kerberos5 | Kerberos5 (Heimdal) package. |
| lib | System libraries. |
| libexec | System daemons. |
| release | Release building Makefile & associated tools. |
| rescue | Build system for statically linked /rescue utilities. |
| sbin | System commands. |
| secure | Cryptographic libraries and commands. |
| share | Shared resources. |
| stand | Boot loader sources. |
| sys | Kernel sources. |
sys/arch/conf |
Kernel configuration files. GENERIC is the configuration used in release builds. NOTES contains documentation of all possible entries. |
| tests | Regression tests which can be run by Kyua. See tests/README for additional information. |
| tools | Utilities for regression testing and miscellaneous tasks. |
| usr.bin | User commands. |
| usr.sbin | System administration commands. |
For information on synchronizing your source tree with one or more of the FreeBSD Project's development branches, please see FreeBSD Handbook.