mirror of
https://git.yoctoproject.org/poky
synced 2026-06-08 00:52:48 +02:00
19d3dc1ebb
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494. Backport patches from: https://w1.fi/security/2022-1/ CVE: CVE-2022-23303 CVE-2022-23304 (From OE-Core rev: 13ae7a3f4bbe7abafae3136190cf43d226271413) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>