Unity Linux 20.1060e / 20.1070e Security Update: wpa_supplicant (UTSA-2026-017501)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017501 advisory. The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differenc...

NewStart CGSL MAIN 7.02 : wpa_supplicant Vulnerability (NS-SA-2026-0037)

The remote NewStart CGSL host, running version MAIN 7.02, has wpasupplicant packages installed that are affected by a vulnerability: - The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop...

ROS-20250813-10

A vulnerability in the Wi-Fi WPA Supplicantt secure access client is related to an uncontrolled element of the search path. search path element. Exploitation of the vulnerability could allow an attacker to escalate their privileges...

ROS-20250813-09

A vulnerability in the Wi-Fi WPA Supplicantt secure access client is related to an uncontrolled element of the search path. search path element. Exploitation of the vulnerability could allow an attacker to escalate their privileges...

UBUNTU-CVE-2022-23303

The implementations of SAE in hostapd before 2.10 and wpasupplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494...

wpa_supplicant and hostapd 输入验证错误漏洞

hostapd is a user space daemon for access points and authentication servers. wpasupplicant is a cross-platform WPA request program. The program supports WEP, WPA, and WPA2, among others. An input validation error vulnerability exists in wpasupplicant and hostapd 2.9, which stems from improper...

SUSE-SU-2021:0745-1 Security update for wpa_supplicant

This update for wpasupplicant fixes the following issues: - CVE-2021-27803: P2P provision discovery processing vulnerability bsc1182805...

The vulnerability of the wpa_supplicant function of the EAP-PWD protocol in wireless communication devices certified by WPA allows a hacker to gain unauthorized access to information.

The vulnerability of the wpasupplicant function in the EAP-PWD protocol for wireless communication devices certified by WPA is related to the lack of integrity checking for messages. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...

The vulnerability of the Wi-Fi WPA Supplicant component allows a intruder to trigger a service failure.

The vulnerability of the Wi-Fi WPA Supplicant component is related to the lack of a mechanism for verifying input data. Exploiting this vulnerability allows an attacker who operates remotely to cause a service failure...

ALPINE-CVE-2019-9497

The implementations of EAP-PWD in hostapd EAP Server and wpasupplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not...

BSA-2019-777

Security Advisory ID : BSA-2019-777 Component : WPA3 Revision : 1.0: Final Multiple vulnerabilities have been identified in WPA3 protocol design and implementations ofhostapdandwpasupplicant, which can allow a remote attacker to acquire a weak password, conduct a denial of service, or gain comple...

UBUNTU-CVE-2018-14526

An issue was discovered in rsnsupp/wpa.c in wpasupplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive...

wpa_supplicant man-in-the-middle attack vulnerability

wpasupplicant is a set of daemons running in the background developed by software developer Jouni Malinen and other contributors to support WEP, WPA/WPA2 and WAPI wireless protocols and encrypted authentication. A security vulnerability exists in wpasupplicant version 2.0-16. A remote attacker...

UBUNTU-CVE-2016-4476

hostapd 0.6.7 through 2.5 and wpasupplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service daemon outage via a crafted WPS operation...

wpa_supplicant and hostapd denial of service vulnerabilities

wpasupplicant is a daemon running in the background developed by software developer Jouni Malinen and other contributors to support WEP, WPA/WPA2, and WAPI wireless protocols and encrypted authentication. hostapd is a daemon that implements a wireless access point AP and authentication server. A...

CVE-2015-5310

The WNM Sleep Mode code in wpasupplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection MFP was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service ignored packets via a...

hostapd and wpa_supplicant denial of service vulnerabilities (CNVD-2015-03931)

hostapd is a daemon that implements a wireless access point AP and authentication server. wpasupplicant is a daemon that runs in the background, developed by software developer Jouni Malinen and other contributors, and is primarily used to support the WEP, WPA/WPA2 and WAPI wireless protocols and...

hostapd and wpa_supplicant denial of service vulnerabilities (CNVD-2015-03932)

hostapd is a daemon that implements a wireless access point AP and authentication server. wpasupplicant is a daemon that runs in the background, developed by software developer Jouni Malinen and other contributors, and is primarily used to support the WEP, WPA/WPA2 and WAPI wireless protocols and...

hostapd and wpa_supplicant Total-Length field length denial of service vulnerability

hostapd is a daemon that implements a wireless access point AP and authentication server. wpasupplicant is a daemon that runs in the background and is used to support WEP, WPA/WPA2 and WAPI wireless protocols and encrypted authentication. The EAP-pwd server-side and peer-side implementations of...

DEBIAN-CVE-2015-4143

The EAP-pwd server and peer implementation in hostapd and wpasupplicant 1.0 through 2.4 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted 1 Commit or 2 Confirm message payload...