Vulnerability CVE-2017-13077: Information

Description

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Severity: MEDIUM (6.8) Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-13077

Published: Oct. 17, 2017

Modified: Oct. 3, 2019

Error type identifier: CWE-330

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
hostapd	sisyphus	2.6-alt2	2.10-alt2	ALT-PU-2017-2440-1	190880	Fixed
hostapd	p10	2.6-alt2	2.10-alt2	ALT-PU-2017-2440-1	190880	Fixed
hostapd	p9	2.6-alt2	2.9-alt2	ALT-PU-2017-2440-1	190880	Fixed
hostapd	c10f1	2.6-alt2	2.10-alt2	ALT-PU-2017-2440-1	190880	Fixed
hostapd	c9f2	2.6-alt2	2.10-alt2	ALT-PU-2017-2440-1	190880	Fixed
wpa_supplicant	sisyphus	2.6-alt2	2.10-alt2	ALT-PU-2017-2441-1	190880	Fixed
wpa_supplicant	p10	2.6-alt2	2.10-alt2	ALT-PU-2017-2441-1	190880	Fixed
wpa_supplicant	p9	2.6-alt2	2.9-alt4	ALT-PU-2017-2441-1	190880	Fixed
wpa_supplicant	p8	2.6-alt1.M80P.1	2.6-alt1.M80P.1	ALT-PU-2017-2455-1	190972	Fixed
wpa_supplicant	c10f1	2.6-alt2	2.10-alt2	ALT-PU-2017-2441-1	190880	Fixed
wpa_supplicant	c9f2	2.6-alt2	2.10-alt2	ALT-PU-2017-2441-1	190880	Fixed
wpa_supplicant	c7	2.6-alt1.M70C.1	2.6-alt1.M70C.1	ALT-PU-2017-2445-1	190889	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://www.krackattacks.com/	Technical Description Third Party Advisory
VU#228519	Third Party Advisory US Government Resource
1039585	Third Party Advisory VDB Entry
1039581	Third Party Advisory VDB Entry
1039578	Third Party Advisory VDB Entry
1039577	Third Party Advisory VDB Entry
1039576	Third Party Advisory VDB Entry
1039573	Third Party Advisory VDB Entry
101274	Third Party Advisory VDB Entry
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt	Third Party Advisory
20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II	Third Party Advisory
https://support.lenovo.com/us/en/product_security/LEN-17420	Third Party Advisory
FreeBSD-SA-17:07	Third Party Advisory
https://access.redhat.com/security/vulnerabilities/kracks	Third Party Advisory
RHSA-2017:2911	Third Party Advisory
RHSA-2017:2907	Third Party Advisory
USN-3455-1	Third Party Advisory
DSA-3999	Third Party Advisory
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt	Third Party Advisory
GLSA-201711-03
https://support.apple.com/HT208222
https://support.apple.com/HT208221
https://support.apple.com/HT208220
https://support.apple.com/HT208219
https://source.android.com/security/bulletin/2017-11-01
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
https://source.android.com/security/bulletin/2018-04-01
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://cert.vde.com/en-us/advisories/vde-2017-003
https://source.android.com/security/bulletin/2018-06-01
1041432
[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update

Affected configurations:
1. Configuration 1
  cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
  cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
  cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*
  cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*
  cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*
  cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*
  cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*
  cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
  cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
  cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*
  cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
  cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*
  cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
  cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*

Version: v24.4.2

Vulnerability CVE-2017-13077: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3