Your submission was sent successfully! Close

CVE-2022-23303

Published: 17 January 2022

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.

Priority

Low

CVSS 3 base score: 9.8

Status

Package Release Status
wpa
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

impish Needs triage

jammy Needs triage

trusty Needs triage

upstream
Released (2:2.10-1)
xenial Needs triage