wpa-supplicant: fix CVE-2022-23303-4 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Steve Sakoman <steve@sakoman.com>	2022-02-09 04:27:25 -1000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-02-23 23:43:42 +0000
commit	19d3dc1ebb74751ad2bc259f7fd12be90e85c224 (patch)
tree	e4f396490b03c9b3717e549225e619ab33bc1393 /scripts/lib/recipetool/create.py
parent	0c48142849daf40f85ad4c03887158e6854870b3 (diff)
download	poky-19d3dc1ebb74751ad2bc259f7fd12be90e85c224.tar.gz

wpa-supplicant: fix CVE-2022-23303-4

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494. Backport patches from: https://w1.fi/security/2022-1/ CVE: CVE-2022-23303 CVE-2022-23304 (From OE-Core rev: 13ae7a3f4bbe7abafae3136190cf43d226271413) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/lib/recipetool/create.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: