CVE-2021-27803

HIGH7.5EPSS 0.83%

wpa - security update

Published: 2/26/2021Modified: 4/28/2026

Description

A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range.

Affected packages (3)

Alpine/wpa_supplicantfrom 0, < 2.8-r5
Debian/wpafrom 0, < 2:2.9.0-21
Debian/wpafrom 0, < 2:2.4-1+deb9u9

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2021-27803
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2021-27803