FEDORA-2019-ca49dfd42f

security update in Fedora 30 for wpa_supplicant

Status: stable 5 months ago

include fix for:

CVE-2019-9494 CVE-2019-9495 CVE-2019-9496 CVE-2019-9497 CVE-2019-9498

Reboot Required

After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

Comments 13

This update has been submitted for testing by dcaratti.

This update has been pushed to testing.

works for me

karma: +1

no regressions noted

karma: +1

This update has been submitted for batched by bodhi.

Tested on local machine with AMD Ryzen 5 2400G.

karma: +1 critpath: +1

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

After upgrading to fedora30 (from fedora29), my Broadcom (BCM4360) USB wi-fi adapter does not work any more. The adapter hangs while trying to connect to an AP and the logs fill up with the following message: wpa_supplicant[1104]: wlp4s0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1

lspci gives the following entry for the wireless adapter: Network controller: Broadcom Inc. and subsidiaries BCM4360 802.11ac Wireless Network Adapter (rev 03)

The wireless adapter worked fine with fedora29 and wpa_supplicant 2.6.x

Could this be the same bug that is described in https://bugs.archlinux.org/task/61119 which mentions that wpa_supplicant 2.7.x passes invalid arguments to broadcom-wl driver?

karma: -1 critpath: -1

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+2
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 5 months ago
in testing 5 months ago
in stable 5 months ago

Related Bugs 3

00 #1699143 CVE-2019-9494 wpa_supplicant: SAE Timing-based and Cache-based side-channel attack against WPA3's Dragonfly handshake [fedora-all]
00 #1699150 CVE-2019-9495 wpa_supplicant: EAP-pwd cache side-channel attack [fedora-all]
00 #1699263 CVE-2019-9495 wpa_supplicant: EAP-pwd cache side-channel attack [fedora-all]

Automated Test Results