Vulnerability CVE-2017-13082: Information
Description
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Severity: HIGH (8.1) Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
hostapd | sisyphus | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
hostapd | p10 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
hostapd | p9 | 2.6-alt2 | 2.9-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
hostapd | c10f1 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
hostapd | c9f2 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
wpa_supplicant | sisyphus | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | p10 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | p9 | 2.6-alt2 | 2.9-alt4 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | p8 | 2.6-alt1.M80P.1 | 2.6-alt1.M80P.1 | ALT-PU-2017-2455-1 | 190972 | Fixed |
wpa_supplicant | c10f1 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | c9f2 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | c7 | 2.6-alt1.M70C.1 | 2.6-alt1.M70C.1 | ALT-PU-2017-2445-1 | 190889 | Fixed |