Advisories ยป MGASA-2022-0025

Updated wpa_supplicant packages fix security vulnerability

Publication date: 18 Jan 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-23303

Description

The implementations of SAE in hostapd before 2.10 and wpa_supplicant
before 2.10 are vulnerable to side channel attacks as a result of cache
access patterns. NOTE: this issue exists because of an incomplete fix for
CVE-2019-9494.
                

References

SRPMS

8/core