CVE-2022-23304

The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
Configurations

Configuration 1

cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*
cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

Information

Published : 2022-01-17 02:15

Updated : 2022-02-28 10:07


NVD link : CVE-2022-23304

Mitre link : CVE-2022-23304

Products Affected
CWE