rpm package
suse/wpa_supplicant&distro=SUSE Linux Enterprise Module for Basesystem 15 SP6
pkg:rpm/suse/wpa_supplicant&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-24912 | — | < 2.10-150600.7.6.1 | 2.10-150600.7.6.1 | Mar 12, 2025 | hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail. | ||
| CVE-2023-52160 | — | < 2.10-150600.7.3.1 | 2.10-150600.7.3.1 | Feb 22, 2024 | The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused t |
- CVE-2025-24912Mar 12, 2025affected < 2.10-150600.7.6.1fixed 2.10-150600.7.6.1
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.
- CVE-2023-52160Feb 22, 2024affected < 2.10-150600.7.3.1fixed 2.10-150600.7.3.1
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused t