[ALSA-2024:2517] Moderate: wpa_supplicant security update
Type:
security
Severity:
moderate
Release date:
2024-05-07
Description:
The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 (IEEE 802.11i / RSN), and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Security Fix(es): * wpa_supplicant: potential authorization bypass (CVE-2023-52160) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 wpa_supplicant-2.10-5.el9.aarch64.rpm 91fc3aa6dd35c3e6cf4ba8f0a07dd86f06aecb45beaeda5f634dd5e98bf34435
ppc64le wpa_supplicant-2.10-5.el9.ppc64le.rpm 08361251d994ad72e62eb2a888d29d220fc09f3066d7d55eca9d91fb44e31e1b
s390x wpa_supplicant-2.10-5.el9.s390x.rpm 8ed595ccd59d47909e9360056b97cf84cbb8d3a4fe62d36b8a88f798ddf8e7e5
x86_64 wpa_supplicant-2.10-5.el9.x86_64.rpm 077bd42d21e1fbb56a6b01696cd0fb3c1a2f528d5682f1396e28fd380f3d6092
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.