87 matches found
wpa_supplicant security, bug fix, and enhancement update
An update is available for wpasupplicant. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The wpasupplicant packages contain an 802.1X Supplicant with support fo...
[SECURITY] Fedora 34 Update: wpa_supplicant-2.9-12.fc34
wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11...
[SECURITY] Fedora 34 Update: wpa_supplicant-2.9-11.fc34
wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11...
Important: Red Hat Security Advisory: wpa_supplicant security update
An update for wpasupplicant is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: wpa_supplicant security update
The wpasupplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 IEEE 802.11i / RSN, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association o...
Important: Red Hat Security Advisory: wpa_supplicant security update
An update for wpasupplicant is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Fedora: Security Advisory for wpa_supplicant (FEDORA-2021-3430f96019)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: wpa_supplicant-2.9-8.fc33
wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11...
The vulnerability of the Bluetooth BR/EDR encryption key negotiation protocol lies in its authentication procedures’ deficiencies, which allow attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Bluetooth BR/EDR encryption key negotiation protocol is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of the protected information...
CVE-2020-5938
The CVE concerns F5 BIG-IP IPsec negotiation where, during tunnel setup with authenticated peers, the peer may agree on a key length outside the BIG-IP‑configured policy. Affected BIG‑IP versions: 11.6.1–11.6.5.2, 12.1.0–12.1.5.x, and 13.1.0–13.1.3.4. The vulnerability can lead to weaker-than-con...
Authentication flaw
A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this i...
CVE-2020-8912 In-band key negotiation issue in AWS S3 Crypto SDK for GoLang
A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this i...
CVE-2019-9506 Encryption Key Negotiation of Bluetooth (KNOB) Vulnerability
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks aka "KNOB" that can decrypt traffic and inject arbitrary...
hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
A flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced...
[SECURITY] Fedora 30 Update: wpa_supplicant-2.8-3.fc30
wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11...
[SECURITY] Fedora 29 Update: wpa_supplicant-2.7-2.fc29
wpasupplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11...
hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
A flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced...
CentOS 7 : kernel (CESA-2019:3055)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 7 : kernel-rt (RHSA-2019:3089)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3089 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
A flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced...