wpa_supplicant/sources at e36192aacc2818aa6f235ed02f685562cafb062c - wpa_supplicant - AlmaLinux OS Foundation Git Server

rpms/wpa_supplicant

Lubomir Rintel fbf8c1b456 Fix the "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2" issues

Upstream advisory: https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
Details and the paper: https://www.krackattacks.com/

- hostapd: Avoid key reinstallation in FT handshake (CVE-2017-13082)
- Fix PTK rekeying to generate a new ANonce
- Prevent reinstallation of an already in-use group key and extend
  protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
  (CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,
  CVE-2017-13087, CVE-2017-13088)
- Prevent installation of an all-zero TK
- TDLS: Reject TPK-TK reconfiguration
- WNM: Ignore WNM-Sleep Mode Response without pending request
- FT: Do not allow multiple Reassociation Response frames

2017-10-16 13:09:02 +02:00

2 lines

166 B

Plaintext

Raw Blame History

SHA512 (wpa_supplicant-2.6.tar.gz) = 46442cddb6ca043b8b08d143908f149954c238e0f3a57a0df73ca4fab9c1acd91b078f3f26375a1d99cd1d65625986328018c735d8705882c8f91e389cad28a6