Lucene search
CertccCVELIST:CVE-2019-9495HistoryApr 17, 2019 - 1:31 p.m.
CVE-2019-9495 The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns
2019-04-1713:31:08
CWE-524
certcc
raw.githubusercontent.com
1
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
Related
debiancve
debiancve
nessus
nessus
prion
prion
Default configuration
2019-04-17 14:29:00
Design/Logic Flaw
2019-04-17 14:29:00
Default configuration
2022-01-17 02:15:00
freebsd
freebsd
FreeBSD -- EAP-pwd side-channel attack
2019-04-10 00:00:00
FreeBSD -- SAE side-channel attacks
2019-04-10 00:00:00
ubuntucve
ubuntucve
osv
osv
cve
cve
alpinelinux
alpinelinux
thn
thn
Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password
2019-04-10 18:30:00
redhatcve
redhatcve
CVE-2019-9495
2020-02-02 14:43:12
CVE-2019-9494
2020-03-29 14:08:00
openvas
openvas
Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2019-1875)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2019-2055)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2019-1779)
2020-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: wpa_supplicant-2.7-5.fc30
2019-04-15 00:04:30
[SECURITY] Fedora 28 Update: hostapd-2.7-2.fc28
2019-04-23 18:49:46
[SECURITY] Fedora 29 Update: hostapd-2.7-2.fc29
2019-04-23 20:15:17
cvelist
cvelist
CVE-2019-9494 The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacks
2019-04-17 13:31:08
CVE-2022-23304
2022-01-17 00:00:00
CVE-2022-23303
2022-01-17 00:00:00
fortinet
fortinet
Protect
2020-01-03 00:00:00
debian
debian
[SECURITY] [DSA 4430-1] wpa security update
2019-04-11 06:13:36
[SECURITY] [DLA 1867-1] wpa security update
2019-07-31 22:11:07
cert
cert
suse
suse
Security update for hostapd (moderate)
2020-02-15 00:00:00
Security update for wpa_supplicant (moderate)
2020-11-27 00:00:00
Security update for wpa_supplicant (moderate)
2020-11-26 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-19:03.wpa
2019-05-14 00:00:00
mageia
mageia
Updated wpa_supplicant packages fix security vulnerability
2022-01-18 22:29:46
Updated wpa_supplicant and hostapd packages fix security vulnerability
2019-08-31 16:22:36
slackware
slackware
[slackware-security] wpa_supplicant
2022-01-19 18:33:08
rosalinux
rosalinux
Advisory ROSA-SA-2021-1998
2021-07-02 18:21:00
ubuntu
ubuntu
wpa_supplicant and hostapd vulnerabilities
2019-04-10 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2019-0017
2019-06-06 00:00:00
Important Photon OS Security Update - PHSA-2019-3.0-0017
2019-06-06 00:00:00
Critical Photon OS Security Update - PHSA-2019-0023
2019-07-04 00:00:00