diff --git a/OpenCL/m02500-pure.cl b/OpenCL/m02500-pure.cl
index 4aff6b539..d27e931b9 100644
--- a/OpenCL/m02500-pure.cl
+++ b/OpenCL/m02500-pure.cl
@@ -408,6 +408,9 @@ KERNEL_FQ void m02500_aux1 (KERN_ATTR_TMPS_ESALT (wpa_pbkdf2_tmp_t, wpa_eapol_t)
 
   GLOBAL_AS const wpa_eapol_t *wpa_eapol = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if (wpa_eapol->keyver != 1) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa_eapol->pke[ 0];
@@ -593,6 +596,9 @@ KERNEL_FQ void m02500_aux2 (KERN_ATTR_TMPS_ESALT (wpa_pbkdf2_tmp_t, wpa_eapol_t)
 
   GLOBAL_AS const wpa_eapol_t *wpa_eapol = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if (wpa_eapol->keyver != 2) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa_eapol->pke[ 0];
@@ -809,6 +815,9 @@ KERNEL_FQ void m02500_aux3 (KERN_ATTR_TMPS_ESALT (wpa_pbkdf2_tmp_t, wpa_eapol_t)
 
   GLOBAL_AS const wpa_eapol_t *wpa_eapol = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if (wpa_eapol->keyver != 3) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa_eapol->pke[ 0];
diff --git a/OpenCL/m02501-pure.cl b/OpenCL/m02501-pure.cl
index 8518bac74..6b6e321d0 100644
--- a/OpenCL/m02501-pure.cl
+++ b/OpenCL/m02501-pure.cl
@@ -184,6 +184,9 @@ KERNEL_FQ void m02501_aux1 (KERN_ATTR_TMPS_ESALT (wpa_pmk_tmp_t, wpa_eapol_t))
 
   GLOBAL_AS const wpa_eapol_t *wpa_eapol = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if (wpa_eapol->keyver != 1) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa_eapol->pke[ 0];
@@ -369,6 +372,9 @@ KERNEL_FQ void m02501_aux2 (KERN_ATTR_TMPS_ESALT (wpa_pmk_tmp_t, wpa_eapol_t))
 
   GLOBAL_AS const wpa_eapol_t *wpa_eapol = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if (wpa_eapol->keyver != 2) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa_eapol->pke[ 0];
@@ -585,6 +591,9 @@ KERNEL_FQ void m02501_aux3 (KERN_ATTR_TMPS_ESALT (wpa_pmk_tmp_t, wpa_eapol_t))
 
   GLOBAL_AS const wpa_eapol_t *wpa_eapol = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if (wpa_eapol->keyver != 3) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa_eapol->pke[ 0];
diff --git a/OpenCL/m22000-pure.cl b/OpenCL/m22000-pure.cl
index a6a1be2ab..59b50faa4 100644
--- a/OpenCL/m22000-pure.cl
+++ b/OpenCL/m22000-pure.cl
@@ -425,6 +425,9 @@ KERNEL_FQ void m22000_aux1 (KERN_ATTR_TMPS_ESALT (wpa_pbkdf2_tmp_t, wpa_t))
 
   GLOBAL_AS const wpa_t *wpa = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if ((wpa->type != 2) && (wpa->keyver != 1)) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa->pke[ 0];
@@ -615,6 +618,9 @@ KERNEL_FQ void m22000_aux2 (KERN_ATTR_TMPS_ESALT (wpa_pbkdf2_tmp_t, wpa_t))
 
   GLOBAL_AS const wpa_t *wpa = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if ((wpa->type != 2) && (wpa->keyver != 2)) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa->pke[ 0];
@@ -831,6 +837,9 @@ KERNEL_FQ void m22000_aux3 (KERN_ATTR_TMPS_ESALT (wpa_pbkdf2_tmp_t, wpa_t))
 
   GLOBAL_AS const wpa_t *wpa = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if ((wpa->type != 2) && (wpa->keyver != 3)) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa->pke[ 0];
@@ -1093,6 +1102,9 @@ KERNEL_FQ void m22000_aux4 (KERN_ATTR_TMPS_ESALT (wpa_pbkdf2_tmp_t, wpa_t))
 
   GLOBAL_AS const wpa_t *wpa = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if (wpa->type != 1) return;
+
   sha1_hmac_ctx_t sha1_hmac_ctx;
 
   sha1_hmac_init (&sha1_hmac_ctx, w, 32);
diff --git a/OpenCL/m22001-pure.cl b/OpenCL/m22001-pure.cl
index 3d40741f9..b2486c336 100644
--- a/OpenCL/m22001-pure.cl
+++ b/OpenCL/m22001-pure.cl
@@ -238,6 +238,9 @@ KERNEL_FQ void m22001_aux1 (KERN_ATTR_TMPS_ESALT (wpa_pmk_tmp_t, wpa_t))
 
   GLOBAL_AS const wpa_t *wpa = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if ((wpa->type != 2) && (wpa->keyver != 1)) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa->pke[ 0];
@@ -428,6 +431,9 @@ KERNEL_FQ void m22001_aux2 (KERN_ATTR_TMPS_ESALT (wpa_pmk_tmp_t, wpa_t))
 
   GLOBAL_AS const wpa_t *wpa = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if ((wpa->type != 2) && (wpa->keyver != 2)) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa->pke[ 0];
@@ -644,6 +650,9 @@ KERNEL_FQ void m22001_aux3 (KERN_ATTR_TMPS_ESALT (wpa_pmk_tmp_t, wpa_t))
 
   GLOBAL_AS const wpa_t *wpa = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if ((wpa->type != 2) && (wpa->keyver != 3)) return;
+
   u32 pke[32];
 
   pke[ 0] = wpa->pke[ 0];
@@ -906,6 +915,9 @@ KERNEL_FQ void m22001_aux4 (KERN_ATTR_TMPS_ESALT (wpa_pmk_tmp_t, wpa_t))
 
   GLOBAL_AS const wpa_t *wpa = &esalt_bufs[digest_cur];
 
+  // this can occur on -a 9 because we are ignoring module_deep_comp_kernel()
+  if (wpa->type != 1) return;
+
   sha1_hmac_ctx_t sha1_hmac_ctx;
 
   sha1_hmac_init (&sha1_hmac_ctx, w, 32);
diff --git a/docs/changes.txt b/docs/changes.txt
index a4f2e9b20..46c924592 100644
--- a/docs/changes.txt
+++ b/docs/changes.txt
@@ -20,6 +20,7 @@
 ##
 
 - Fixed functional error when nonce-error-corrections that were set on the command line in hash-mode 22000/22001 were not accepted
+- Fixed method how OPTS_TYPE_AUX* kernels are called in association mode, for instance WPA/WPA2 kernels
 - Fixed missing option flag OPTS_TYPE_SUGGEST_KG for hash-mode 11600 to inform the user about possible false positives in this mode
 - Fixed undefined function call to hc_byte_perm_S() in hash-mode 17010 on non-CUDA compute devices
 - Fixed HEX wordlist handling in -m 3000 
diff --git a/src/backend.c b/src/backend.c
index 0e8c45fa5..5bf0ebfe0 100644
--- a/src/backend.c
+++ b/src/backend.c
@@ -2776,18 +2776,62 @@ int choose_kernel (hashcat_ctx_t *hashcat_ctx, hc_device_param_t *device_param,
     {
       if (hashconfig->opts_type & OPTS_TYPE_DEEP_COMP_KERNEL)
       {
-        const u32 loops_cnt = hashes->salts_buf[salt_pos].digests_cnt;
+        // module_ctx->module_deep_comp_kernel () would apply only on the first salt so we can't use it in -a 9 mode
+        // Instead we have to call all the registered AUX kernels
 
-        for (u32 loops_pos = 0; loops_pos < loops_cnt; loops_pos++)
+        if (user_options->attack_mode == ATTACK_MODE_ASSOCIATION)
         {
-          device_param->kernel_param.loop_pos = loops_pos;
-          device_param->kernel_param.loop_cnt = loops_cnt;
+          const u32 loops_cnt = hashes->salts_buf[salt_pos].digests_cnt;
 
-          const u32 deep_comp_kernel = module_ctx->module_deep_comp_kernel (hashes, salt_pos, loops_pos);
+          for (u32 loops_pos = 0; loops_pos < loops_cnt; loops_pos++)
+          {
+            device_param->kernel_param.loop_pos = loops_pos;
+            device_param->kernel_param.loop_cnt = loops_cnt;
+
+            if (hashconfig->opts_type & OPTS_TYPE_AUX1)
+            {
+              if (run_kernel (hashcat_ctx, device_param, KERN_RUN_AUX1, pws_pos, pws_cnt, false, 0) == -1) return -1;
+
+              if (status_ctx->run_thread_level2 == false) break;
+            }
+
+            if (hashconfig->opts_type & OPTS_TYPE_AUX2)
+            {
+              if (run_kernel (hashcat_ctx, device_param, KERN_RUN_AUX2, pws_pos, pws_cnt, false, 0) == -1) return -1;
+
+              if (status_ctx->run_thread_level2 == false) break;
+            }
+
+            if (hashconfig->opts_type & OPTS_TYPE_AUX3)
+            {
+              if (run_kernel (hashcat_ctx, device_param, KERN_RUN_AUX3, pws_pos, pws_cnt, false, 0) == -1) return -1;
+
+              if (status_ctx->run_thread_level2 == false) break;
+            }
 
-          if (run_kernel (hashcat_ctx, device_param, deep_comp_kernel, pws_pos, pws_cnt, false, 0) == -1) return -1;
+            if (hashconfig->opts_type & OPTS_TYPE_AUX4)
+            {
+              if (run_kernel (hashcat_ctx, device_param, KERN_RUN_AUX4, pws_pos, pws_cnt, false, 0) == -1) return -1;
+
+              if (status_ctx->run_thread_level2 == false) break;
+            }
+          }
+        }
+        else
+        {
+          const u32 loops_cnt = hashes->salts_buf[salt_pos].digests_cnt;
 
-          if (status_ctx->run_thread_level2 == false) break;
+          for (u32 loops_pos = 0; loops_pos < loops_cnt; loops_pos++)
+          {
+            device_param->kernel_param.loop_pos = loops_pos;
+            device_param->kernel_param.loop_cnt = loops_cnt;
+
+            const u32 deep_comp_kernel = module_ctx->module_deep_comp_kernel (hashes, salt_pos, loops_pos);
+
+            if (run_kernel (hashcat_ctx, device_param, deep_comp_kernel, pws_pos, pws_cnt, false, 0) == -1) return -1;
+
+            if (status_ctx->run_thread_level2 == false) break;
+          }
         }
       }
       else