THREATOPS
THREAT OPSThreat News › [NVD] CVE-2022-23304 (CRITICAL 9.8) — The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.

[NVD] CVE-2022-23304 (CRITICAL 9.8) — The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.

lownvdPublished 2022-01-17

CVE-2022-23304 CVSS: 9.8 CRITICAL Published: 2022-01-17T02:15:06.813

The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2022-23304