UBUNTU-CVE-2022-41859

In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...

The vulnerability of the EAP-pwd client implementation for Wi-Fi WPA Supplicant allows information disclosure due to incompatibility, enabling attackers to expose sensitive information.

The vulnerability of the EAP-pwd client implementation for Wi-Fi WPA Supplicant is related to the disclosure of information due to incompatibility. This vulnerability allows a malicious actor to disclose the protected information remotely...

AZL-7748 CVE-2022-23304 affecting package wpa_supplicant for versions less than 2.10-1

The implementations of EAP-pwd in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495...

DEBIAN-CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...