Lucene search
K

37 matches found

AlpineLinux
AlpineLinux
added 2022/01/17 12:0 a.m.61 views

CVE-2022-23304

The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...

9.8CVSS6.5AI score0.01903EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/01/17 12:0 a.m.55 views

CVE-2022-23304

The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...

9.8CVSS2.4AI score0.01903EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/09/16 12:0 a.m.37 views

EulerOS 2.0 SP2 : wpa_supplicant (EulerOS-SA-2019-1875)

According to the version of the wpasupplicant package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences a...

5.9CVSS7AI score0.03739EPSS
Exploits0References2
Mageia
Mageia
added 2019/08/31 1:22 p.m.62 views

Updated wpa_supplicant and hostapd packages fix security vulnerability

A number of potential side channel attacks were discovered in the SAE implementations used by both hostapd AP and wpasupplicant infrastructure BSS station/mesh station. SAE Simultaneous Authentication of Equals is also known as WPA3-Personal. The discovered side channel attacks may be able to lea...

5.9CVSS0.9AI score0.03739EPSS
Exploits0References3
Prion
Prion
added 2019/08/15 5:15 p.m.22 views

Design/Logic Flaw

The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel...

4.3CVSS5.8AI score0.02187EPSS
Exploits0References6Affected Software4
CVE
CVE
added 2019/08/15 4:5 p.m.227 views

CVE-2019-13377

CVE-2019-13377 affects the SAE and EAP-pwd implementations in hostapd and wpa_supplicant (2.x up to 2.8). The root cause is a side-channel weakness: observable timing differences and cache access patterns when Brainpool curves are used, enabling an attacker to recover parts of the password and po...

5.9CVSS6.2AI score0.02187EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/07/25 12:0 a.m.42 views

EulerOS 2.0 SP8 : wpa_supplicant (EulerOS-SA-2019-1779)

According to the version of the wpasupplicant package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences a...

5.9CVSS7AI score0.03739EPSS
Exploits0References2
NVD
NVD
added 2019/04/17 2:29 p.m.31 views

CVE-2019-9494

The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9CVSS5.8AI score0.03739EPSS
Exploits0References9
OSV
OSV
added 2019/04/17 2:29 p.m.23 views

CVE-2019-9494

The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9CVSS5.8AI score
Exploits0References9
NVD
NVD
added 2019/04/17 2:29 p.m.26 views

CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

4.3CVSS6.1AI score0.03449EPSS
Exploits0References10
Cvelist
Cvelist
added 2019/04/17 1:31 p.m.42 views

CVE-2019-9495 The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

6.6AI score0.03449EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2019/04/17 1:31 p.m.33 views

CVE-2019-9494

The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9CVSS6.5AI score0.03739EPSS
Exploits0
Debian CVE
Debian CVE
added 2019/04/17 1:31 p.m.42 views

CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

4.3CVSS6.7AI score0.03449EPSS
Exploits0
CVE
CVE
added 2019/04/17 1:31 p.m.252 views

CVE-2019-9495

CVE-2019-9495 affects hostapd and wpa_supplicant with EAP-pwd support; vulnerable due to cache access-pattern side-channel. Astra Linux and other sources reinforce that before 2.10, both hostapd and wpa_supplicant are affected. Impact: potential exposure via side-channel, capable of cracking weak...

4.3CVSS6.7AI score0.03449EPSS
Exploits0References10Affected Software2
AlpineLinux
AlpineLinux
added 2019/04/17 1:31 p.m.49 views

CVE-2019-9494

The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9CVSS6.5AI score0.03739EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/04/10 3:0 p.m.33 views

CVE-2019-9494

The implementations of SAE in hostapd and wpasupplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both...

5.9CVSS6.9AI score0.03739EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/01/07 6:0 p.m.29 views

CVE-2019-5489

The mincore implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. Fixing this affects the output of the fincore program. Limited...

6.8AI score0.00774EPSS
Exploits1References32
Rows per page
Query Builder