Test ID:	1.3.6.1.4.1.25623.1.1.12.2025.7317.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-7317-1)
Summary:	The remote host is missing an update for the 'wpa' package(s) announced via the USN-7317-1 advisory.
Description:	Summary: The remote host is missing an update for the 'wpa' package(s) announced via the USN-7317-1 advisory. Vulnerability Insight: George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that wpa_supplicant and hostapd reused encryption elements in the PKEX protocol. An attacker could possibly use this issue to impersonate a wireless access point, and obtain sensitive information. (CVE-2022-37660) Daniel De Almeida Braga, Mohamed Sabt, and Pierre-Alain Fouque discovered that wpa_supplicant and hostapd were vulnerable to side channel attacks due to the cache access patterns. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-23303, CVE-2022-23304) Affected Software/OS: 'wpa' package(s) on Ubuntu 20.04, Ubuntu 22.04, Ubuntu 24.04, Ubuntu 24.10. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-23303 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/ https://security.gentoo.org/glsa/202309-16 https://w1.fi/security/2022-1/ Common Vulnerability Exposure (CVE) ID: CVE-2022-23304 Common Vulnerability Exposure (CVE) ID: CVE-2022-37660
Copyright	Copyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.