Vulnerability CVE-2017-13079: Information
Description
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Severity: MEDIUM (5.3) Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
hostapd | sisyphus | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
hostapd | p10 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
hostapd | p9 | 2.6-alt2 | 2.9-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
hostapd | c10f1 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
hostapd | c9f2 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2440-1 | 190880 | Fixed |
wpa_supplicant | sisyphus | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | p10 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | p9 | 2.6-alt2 | 2.9-alt4 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | p8 | 2.6-alt1.M80P.1 | 2.6-alt1.M80P.1 | ALT-PU-2017-2455-1 | 190972 | Fixed |
wpa_supplicant | c10f1 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | c9f2 | 2.6-alt2 | 2.10-alt2 | ALT-PU-2017-2441-1 | 190880 | Fixed |
wpa_supplicant | c7 | 2.6-alt1.M70C.1 | 2.6-alt1.M70C.1 | ALT-PU-2017-2445-1 | 190889 | Fixed |