CVE-2021-30004
Description
In wpa_supplicant and hostapd 2.9, mishandling of AlgorithmIdentifier parameters in TLS/X.509 code enables forging attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In wpa_supplicant and hostapd 2.9, mishandling of AlgorithmIdentifier parameters in TLS/X.509 code enables forging attacks.
Vulnerability
In wpa_supplicant and hostapd version 2.9, the functions handling AlgorithmIdentifier parameters in tls/pkcs1.c and tls/x509v3.c are improperly implemented, allowing attackers to forge certificates or signatures. This vulnerability affects both software packages when used as a WPA supplicant or access point daemon.
Exploitation
An attacker with network access to a device running the affected software can craft malicious TLS certificates or X.509 signatures that bypass validation. The exact attack vector is not detailed, but the issue is related to the parsing of AlgorithmIdentifier structures.
Impact
Successful exploitation could allow an attacker to perform forging attacks, potentially leading to authentication bypass, man-in-the-middle attacks, or, in worst cases, arbitrary code execution as cited in the advisory [1].
Mitigation
Upgrade to wpa_supplicant version 2.10 or later, and hostapd version 2.10 or later. No workaround is available at this time, as stated in the Gentoo security advisory [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
12- wpa_supplicant and hostapd/wpa_supplicant and hostapddescription
- Range: = 2.9
- osv-coords9 versionspkg:rpm/opensuse/hostapd&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/hostapd&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/wpa_supplicant&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/wpa_supplicant&distro=openSUSE%20Tumbleweedpkg:rpm/suse/hostapd&distro=SUSE%20Package%20Hub%2015%20SP2pkg:rpm/suse/wpa_supplicant&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/wpa_supplicant&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/wpa_supplicant&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/wpa_supplicant&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
< 2.9-lp152.2.3.1+ 8 more
- (no CPE)range: < 2.9-lp152.2.3.1
- (no CPE)range: < 2.9-6.2
- (no CPE)range: < 2.9-lp152.8.12.1
- (no CPE)range: < 2.9-13.4
- (no CPE)range: < 2.9-bp152.2.3.1
- (no CPE)range: < 2.9-4.29.1
- (no CPE)range: < 2.9-4.29.1
- (no CPE)range: < 2.9-23.12.1
- (no CPE)range: < 2.9-23.12.1
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
2- security.gentoo.org/glsa/202309-16mitrevendor-advisory
- w1.fi/cgit/hostap/commit/mitre
News mentions
0No linked articles in our index yet.