The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
References
Configurations
History
21 Nov 2024, 06:48
Type | Values Removed | Values Added |
---|---|---|
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/ - | |
References | () https://security.gentoo.org/glsa/202309-16 - | |
References | () https://w1.fi/security/2022-1/ - Mitigation, Patch, Third Party Advisory |
07 Nov 2023, 03:44
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
30 Sep 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2022-01-17 02:15
Updated : 2024-11-21 06:48
NVD link : CVE-2022-23303
Mitre link : CVE-2022-23303
CVE.ORG link : CVE-2022-23303
JSON object : View
Products Affected
w1.fi
- hostapd
- wpa_supplicant
fedoraproject
- fedora
CWE
CWE-203
Observable Discrepancy