CVSS Base Vector:
The remote host is missing an update for the 'wpa'
Linux Distribution Package(s) announced via the DSA-4538-1 advisory.
Checks if a vulnerable Linux Distribution Package version is present on the target host.
Two vulnerabilities were found in the WPA protocol implementation found in
wpa_supplication (station) and hostapd (access point).
A timing-based side-channel attack against WPA3's Dragonfly handshake when
using Brainpool curves could be used by an attacker to retrieve the
Insufficient source address validation for some received Management frames
in hostapd could lead to a denial of service for stations associated to an
access point. An attacker in radio range of the access point could inject a
specially constructed unauthenticated IEEE 802.11 frame to the access point
to cause associated stations to be disconnected and require a reconnection
to the network.
'wpa' Linux Distribution Package(s) on Debian Linux.
For the stable distribution (buster), these problems have been fixed in
We recommend that you upgrade your wpa Linux Distribution Packages.
Linux Distribution Package
Debian Local Security Checks
Find and Fix this Vulnerability:
Mageni can help you to find out if you have this or more vulnerabilities exposing you to hackers, ransomware and malware: Download Mageni's Free Edition
NVD CVE ID: