Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Fedora 38: FEDORA-2024-36d2be00d0 Critical PEAP Client Update

fedora
Calendar Grey March 10, 2024
Dist Fedora Esm H88
Important revision for wpa_supplicant resolves PEAP client issue within Fedora 38, accompanied by advisory FEDORA-2024-36d2be00d0.
backport fix for PEAP client (CVE-2023-52160)

Summary

wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support

for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA

component that is used in the client stations. It implements key negotiation

with a WPA Authenticator and it controls the roaming and IEEE 802.11

authentication/association of the wlan driver.

Update Information:

backport fix for PEAP client (CVE-2023-52160)

Change Log

* Thu Feb 22 2024 Davide Caratti - 1:2.10-7 - Backport fix for PEAP client (CVE-2023-52160)

References


[ 1 ] Bug #2264594 - TRIAGE CVE-2023-52160 wpa_supplicant: potential authorization bypass [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2264594 [ 2 ] Bug #2265479 - unpatched CVE-2023-52160 in Fedora 38 & 39 https://bugzilla.redhat.com/show_bug.cgi?id=2265479

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-36d2be00d0' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: wpa_supplicant
Product: Fedora 38
Version: 2.10
Release: 7.fc38
Summary: WPA/WPA2/IEEE 802.1X Supplicant

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here