Описание
Security update for wpa_supplicant
This update for wpa_supplicant fixes the following issues:
- CVE-2022-23303: Fixed side-channel attacks in SAE (bsc#1194732).
- CVE-2022-23304: Fixed side-channel attacks in EAP-pwd (bsc#1194733).
Список пакетов
Container rancher/elemental-teal-rt/5.3:latest
wpa_supplicant-2.9-4.33.1
Container rancher/elemental-teal-rt/5.4:latest
wpa_supplicant-2.9-4.33.1
Container rancher/elemental-teal/5.3:latest
wpa_supplicant-2.9-4.33.1
Container rancher/elemental-teal/5.4:latest
wpa_supplicant-2.9-4.33.1
Container suse/sle-micro-rancher/5.3:latest
wpa_supplicant-2.9-4.33.1
Container suse/sle-micro-rancher/5.4:latest
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-3
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-3-Azure
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-3-BYOS
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-3-BYOS-Azure
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-3-BYOS-EC2
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-3-BYOS-GCE
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-3-EC2
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-3-GCE
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-4
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-4-Azure
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-4-BYOS
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-4-BYOS-Azure
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-4-BYOS-EC2
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-4-BYOS-GCE
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-4-EC2
wpa_supplicant-2.9-4.33.1
Image SLES15-SP4-Micro-5-4-GCE
wpa_supplicant-2.9-4.33.1
SUSE Enterprise Storage 6
wpa_supplicant-2.9-4.33.1
SUSE Enterprise Storage 7
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Micro 5.0
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Micro 5.1
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Real Time 15 SP2
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Server 15 SP1-BCL
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Server 15 SP1-LTSS
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Server 15 SP2-BCL
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Server 15 SP2-LTSS
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Server 15-LTSS
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Server for SAP Applications 15
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
wpa_supplicant-2.9-4.33.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
wpa_supplicant-2.9-4.33.1
SUSE Manager Proxy 4.1
wpa_supplicant-2.9-4.33.1
SUSE Manager Retail Branch Server 4.1
wpa_supplicant-2.9-4.33.1
SUSE Manager Server 4.1
wpa_supplicant-2.9-4.33.1
Ссылки
- Link for SUSE-SU-2022:0716-1
- E-Mail link for SUSE-SU-2022:0716-1
- SUSE Security Ratings
- SUSE Bug 1194732
- SUSE Bug 1194733
- SUSE CVE CVE-2022-23303 page
- SUSE CVE CVE-2022-23304 page
Описание
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
Затронутые продукты
Container rancher/elemental-teal-rt/5.3:latest:wpa_supplicant-2.9-4.33.1
Container rancher/elemental-teal-rt/5.4:latest:wpa_supplicant-2.9-4.33.1
Container rancher/elemental-teal/5.3:latest:wpa_supplicant-2.9-4.33.1
Container rancher/elemental-teal/5.4:latest:wpa_supplicant-2.9-4.33.1
Ссылки
- CVE-2022-23303
- SUSE Bug 1194732
- SUSE Bug 1205064
Описание
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
Затронутые продукты
Container rancher/elemental-teal-rt/5.3:latest:wpa_supplicant-2.9-4.33.1
Container rancher/elemental-teal-rt/5.4:latest:wpa_supplicant-2.9-4.33.1
Container rancher/elemental-teal/5.3:latest:wpa_supplicant-2.9-4.33.1
Container rancher/elemental-teal/5.4:latest:wpa_supplicant-2.9-4.33.1
Ссылки
- CVE-2022-23304
- SUSE Bug 1194733
- SUSE Bug 1205064