26 matches found
[SECURITY] [DSA 6294-1] libgcrypt20 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6294-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 22, 2026 https://www.debian.org/security/faq -...
Unity Linux 20.1060e / 20.1070e Security Update: wpa_supplicant (UTSA-2026-017501)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017501 advisory. The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differenc...
EUVD-2025-34652
When Diffie-Hellman DH group Elliptic Curve Cryptography ECC Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions...
CVE-2025-60016
When Diffie-Hellman DH group Elliptic Curve Cryptography ECC Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions...
CVE-2025-60016
When Diffie-Hellman DH group Elliptic Curve Cryptography ECC Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions...
CVE-2025-60016 BIG-IP SSL/TLS vulnerability
When Diffie-Hellman DH group Elliptic Curve Cryptography ECC Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions...
CVE-2025-60016
CVE-2025-60016 affects BIG-IP/TMM when a Diffie-Hellman ECC Brainpool curve is configured in an SSL profile (Cipher Rule or Cipher Group) and that profile is applied to a virtual server. Traffic that is not disclosed can cause the Traffic Management Microkernel (TMM) to terminate, resulting in Do...
CVE-2025-60016 BIG-IP SSL/TLS vulnerability
When Diffie-Hellman DH group Elliptic Curve Cryptography ECC Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions...
F5 Networks BIG-IP : BIG-IP SSL/TLS vulnerability (K000139514)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.2. It is, therefore, affected by a vulnerability as referenced in the K000139514 advisory. When Diffie-Hellman DH group Elliptic Curve Cryptography ECC Brainpool curves are configured in an SSL profile's Cipher Rule o...
SUSE CVE-2019-13377
The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...
OESA-2021-1019 wpa_supplicant security update
wpasupplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key...
Debian DSA-4538-1 : wpa - security update
Two vulnerabilities were found in the WPA protocol implementation found in wpasupplication station and hostapd access point. - CVE-2019-13377 A timing-based side-channel attack against WPA3's Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password. -...
ALPINE-CVE-2019-13377
The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...
DEBIAN-CVE-2019-13377
The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...
CVE-2019-13377
The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...
CVE-2019-13377
The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...
Design/Logic Flaw
The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...
CVE-2019-13377
The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...
CVE-2019-13377
The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...
CVE-2019-13377
CVE-2019-13377 affects the SAE and EAP-pwd implementations in hostapd and wpa_supplicant (2.x up to 2.8). The root cause is a side-channel weakness: observable timing differences and cache access patterns when Brainpool curves are used, enabling an attacker to recover parts of the password and po...