Описание
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
Отчет
This issue did not affect the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5, 6 as they did not include support for SAE (Simultaneous Authentication of Equals). This issue did not affect the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 7 as they are not compiled with SAE (Simultaneous Authentication of Equals) enabled. In particular, the CONFIG_SAE=y option is not set at compile time. An attacker must be able to run unprivileged code on the victim's machine to be able to exploit it, lowering the severity of this flaw to Moderate.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | wpa_supplicant | Not affected | ||
| Red Hat Enterprise Linux 6 | wpa_supplicant | Not affected | ||
| Red Hat Enterprise Linux 7 | wpa_supplicant | Not affected | ||
| Red Hat Enterprise Linux 8 | wpa_supplicant | Not affected | ||
| Red Hat Virtualization 4 | redhat-virtualization-host | Not affected | ||
| Red Hat Virtualization 4 | rhvm-appliance | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7 High
CVSS3
Связанные уязвимости
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
The implementations of SAE in hostapd and wpa_supplicant are vulnerabl ...
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
Уязвимость реализации SAE функции wpa_supplicant сертификации устройств беспроводной связи WPA, связанная с раскрытием информации, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
7 High
CVSS3