auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks. Reference: https://roy.marples.name/archives/dhcpcd-discuss/0002415.html Upstream commit: https://roy.marples.name/cgit/dhcpcd.git/commit/?id=7121040790b611ca3fbc400a1bbcd4364ef57233 https://roy.marples.name/cgit/dhcpcd.git/commit/?id=aee631aadeef4283c8a749c1caf77823304acf5e https://roy.marples.name/cgit/dhcpcd.git/commit/?id=cfde89ab66cb4e5957b1c4b68ad6a9449e2784da
Created dhcpcd tracking bugs for this issue: Affects: fedora-all [bug 1707385]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.