Lucene search

K
osvGoogleOSV:CVE-2022-23304
HistoryJan 17, 2022 - 2:15 a.m.

CVE-2022-23304

2022-01-1702:15:06
Google
osv.dev
13
eap-pwd
hostapd
wpa_supplicant
side-channel attacks
cache access patterns
security vulnerability

AI Score

6.7

Confidence

Low

EPSS

0.008

Percentile

81.8%

The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.