rpm package
suse/wpa_supplicant&distro=SUSE Linux Enterprise Micro 5.0
pkg:rpm/suse/wpa_supplicant&distro=SUSE%20Linux%20Enterprise%20Micro%205.0
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-23304 | — | < 2.9-4.33.1 | 2.9-4.33.1 | Jan 17, 2022 | The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495. | ||
| CVE-2022-23303 | — | < 2.9-4.33.1 | 2.9-4.33.1 | Jan 17, 2022 | The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494. | ||
| CVE-2021-30004 | — | < 2.9-4.29.1 | 2.9-4.29.1 | Apr 2, 2021 | In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. |
- CVE-2022-23304Jan 17, 2022affected < 2.9-4.33.1fixed 2.9-4.33.1
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
- CVE-2022-23303Jan 17, 2022affected < 2.9-4.33.1fixed 2.9-4.33.1
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
- CVE-2021-30004Apr 2, 2021affected < 2.9-4.29.1fixed 2.9-4.29.1
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.