CVE-2022-23303: wpa_supplicant: SAE side channel attacks as a result of cache access patterns

Severity: Critical

CVSS Score: 9.8

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.