Kua kitea he whakaraeraetanga (CVE-2021-27803) i roto i te kete wpa_supplicant, i whakamahia hei hono atu ki te whatunga ahokore i roto i te maha o nga tohatoha Linux, *BSD me Android, ka taea pea te whakamahi ki te kawe i te waehere kaiwhakaeke i te wa e tukatuka ana i te Wi-Fi i hangaia motuhake. Nga papa whakahaere tika (Wi-Fi P2P). Ki te kawe i te whakaeke, me noho te kaitukino i roto i te awhe o te whatunga ahokore ki te tuku i tetahi huinga papa i hangaia motuhake ki te patunga.
Ko te raru i puta mai i te pepeke i roto i te kaihautu Wi-Fi P2P, na te mea ko te tukatuka o te anga PDR (Provision Discovery Request) kua he te whakahōputu ka taea te arahi ki tetahi ahuatanga ka mukua te rekoata mo te hoa P2P tawhito me te ka tuhia nga korero ki tetahi poraka mahara kua wetekina (whakamahia -muri-kore). Ko te take e pa ana ki te tuku wpa_supplicant 1.0 ki te 2.9, i whakaemihia me te whiringa CONFIG_P2P.
Ka whakatikahia te whakaraeraetanga i roto i te tuku wpa_supplicant 2.10. I roto i nga tohatoha, kua whakaputaina he whakahou wera mo Fedora Linux. Ko te mana o te whakaputanga o nga whakahoutanga e etahi atu tohatoha ka taea te whai i nga wharangi: Debian, Ubuntu, RHEL, SUSE, Arch Linux. Hei mahi mo te aukati i te whakaraeraetanga, whakakorehia te tautoko P2P ma te tohu "p2p_disabled=1" i roto i nga tautuhinga, te whakahaere ranei i te whakahau "P2P_SET monokia 1" i te atanga CLI.
Source: opennet.ru