wpa_supplicant

rpms/wpa_supplicant

Fork 0

Commit Graph

Author	SHA1	Message	Date
Lubomir Rintel	fbf8c1b456	Fix the "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2" issues Upstream advisory: https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt Details and the paper: https://www.krackattacks.com/ - hostapd: Avoid key reinstallation in FT handshake (CVE-2017-13082) - Fix PTK rekeying to generate a new ANonce - Prevent reinstallation of an already in-use group key and extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases (CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088) - Prevent installation of an all-zero TK - TDLS: Reject TPK-TK reconfiguration - WNM: Ignore WNM-Sleep Mode Response without pending request - FT: Do not allow multiple Reassociation Response frames	2017-10-16 13:09:02 +02:00

Author

SHA1

Message

Date

Lubomir Rintel

fbf8c1b456

Fix the "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2" issues

Upstream advisory: https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
Details and the paper: https://www.krackattacks.com/

- hostapd: Avoid key reinstallation in FT handshake (CVE-2017-13082)
- Fix PTK rekeying to generate a new ANonce
- Prevent reinstallation of an already in-use group key and extend
  protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
  (CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,
  CVE-2017-13087, CVE-2017-13088)
- Prevent installation of an all-zero TK
- TDLS: Reject TPK-TK reconfiguration
- WNM: Ignore WNM-Sleep Mode Response without pending request
- FT: Do not allow multiple Reassociation Response frames

2017-10-16 13:09:02 +02:00

1 Commits