In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15
https://security.gentoo.org/glsa/202309-16
Source: Mitre, NVD
Published: 2021-04-02
Updated: 2024-11-21
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N
Severity: Medium
Base Score: 5.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N