Lucene search
Gentoo FoundationMGASA-2019-0229HistoryAug 31, 2019 - 4:22 p.m.
Updated wpa_supplicant and hostapd packages fix security vulnerability
2019-08-3116:22:36
Gentoo Foundation
advisories.mageia.org
19
0.01 Low
EPSS
Percentile
83.6%
A number of potential side channel attacks were discovered in the SAE implementations used by both hostapd (AP) and wpa_supplicant (infrastructure BSS station/mesh station). SAE (Simultaneous Authentication of Equals) is also known as WPA3-Personal. The discovered side channel attacks may be able to leak information about the used password based on observable timing differences and cache access patterns. This might result in full password recovery when combined with an offline dictionary attack and if the password is not strong enough to protect against dictionary attacks.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 7 | noarch | wpa_supplicant | < 2.9-1.1 | wpa_supplicant-2.9-1.1.mga7 |
| Mageia | 7 | noarch | hostapd | < 2.9-1 | hostapd-2.9-1.mga7 |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2019-0229)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4098-1)
2019-08-15 00:00:00
Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2019-1875)
2020-01-23 00:00:00
ubuntucve
ubuntucve
nessus
nessus
Ubuntu 18.04 LTS : wpa_supplicant and hostapd vulnerability (USN-4098-1)
2019-08-20 00:00:00
Fedora 30 : hostapd (2019-97e9040197)
2019-08-20 00:00:00
EulerOS 2.0 SP2 : wpa_supplicant (EulerOS-SA-2019-1875)
2019-09-16 00:00:00
redhatcve
redhatcve
CVE-2019-13377
2019-08-06 02:07:02
CVE-2019-9494
2020-03-29 14:08:00
osv
osv
CVE-2019-13377
2019-08-15 17:15:13
CVE-2019-9494
2019-04-17 14:29:03
wpa - security update
2019-09-29 00:00:00
cve
cve
debiancve
debiancve
ubuntu
ubuntu
wpa_supplicant and hostapd vulnerability
2019-08-14 00:00:00
cvelist
cvelist
CVE-2019-13377
2019-08-15 16:05:29
CVE-2019-9494 The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacks
2019-04-17 13:31:08
CVE-2019-13456
2019-12-03 19:53:53
prion
prion
Design/Logic Flaw
2019-08-15 17:15:00
Design/Logic Flaw
2019-04-17 14:29:00
Default configuration
2019-04-17 14:29:00
alpinelinux
alpinelinux
thn
thn
Security Flaws in WPA3 Protocol Let Attackers Hack WiFi Password
2019-04-10 18:30:00
Researchers Discover New Ways to Hack WPA3 Protected WiFi Passwords
2019-08-03 09:23:00
debian
debian
[SECURITY] [DSA 4538-1] wpa security update
2019-09-29 14:00:39
[SECURITY] [DSA 4430-1] wpa security update
2019-04-11 06:13:36
freebsd
freebsd
FreeBSD -- SAE side-channel attacks
2019-04-10 00:00:00
FreeBSD -- EAP-pwd side-channel attack
2019-04-10 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: hostapd-2.9-1.fc30
2019-08-19 01:02:43
[SECURITY] Fedora 30 Update: wpa_supplicant-2.7-5.fc30
2019-04-15 00:04:30
[SECURITY] Fedora 28 Update: hostapd-2.7-2.fc28
2019-04-23 18:49:46
mageia
mageia
Updated wpa_supplicant packages fix security vulnerability
2022-01-18 22:29:46
hackerone
hackerone
fortinet
fortinet
Protect
2020-01-03 00:00:00
cert
cert
suse
suse
Security update for hostapd (moderate)
2020-02-15 00:00:00
Security update for wpa_supplicant (moderate)
2020-11-27 00:00:00
Security update for wpa_supplicant (moderate)
2020-11-26 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-19:03.wpa
2019-05-14 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0023
2019-07-04 00:00:00
Critical Photon OS Security Update - PHSA-2019-3.0-0023
2019-07-03 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1998
2021-07-02 18:21:00