FEDORA-2017-f45e844a85

security update in Fedora 27 for wpa_supplicant

Status: stable a year ago

Fix the for the Key Reinstallation Attacks

  • hostapd: Avoid key reinstallation in FT handshake (CVE-2017-13082)
  • Fix PTK rekeying to generate a new ANonce
  • Prevent reinstallation of an already in-use group key and extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases (CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088)
  • Prevent installation of an all-zero TK
  • TDLS: Reject TPK-TK reconfiguration
  • WNM: Ignore WNM-Sleep Mode Response without pending request
  • FT: Do not allow multiple Reassociation Response frames

Upstream advisory: https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt

Details and the paper: https://www.krackattacks.com/

Reboot Required

After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

Comments 8

This update has been submitted for testing by lkundrak.

Looks good, works as expected. Can't test mitigation yet because no scripts have been released.

karma: +1 #1502589: +1

Seems to work here, I haven't verified CVE mitigation but it doesn't appear to break anything upon upgrade.

karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

Seems fine on a few different devices and 2.4 and 5ghz networks

karma: +1 #1502589: +1 #1500304: +1 #1500303: +1 #1491698: +1 #1491697: +1 #1491696: +1 #1491694: +1 #1491693: +1 #1491692: +1

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1491692 CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake
#1491693 CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake
#1491694 CVE-2017-13079 wpa_supplicant: Reinstallation of the integrity group key in the 4-way handshake
#1491696 CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake
#1491697 CVE-2017-13081 wpa_supplicant: Reinstallation of the integrity group key in the group key handshake
#1491698 CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it
#1500303 CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
#1500304 CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
#1502589 CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 wpa_supplicant: various flaws [fedora-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
high
Karma
+4
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted a year ago
in stable a year ago

Related Bugs 9

0+1 #1491692 CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake
0+1 #1491693 CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake
0+1 #1491694 CVE-2017-13079 wpa_supplicant: Reinstallation of the integrity group key in the 4-way handshake
0+1 #1491696 CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake
0+1 #1491697 CVE-2017-13081 wpa_supplicant: Reinstallation of the integrity group key in the group key handshake
0+1 #1491698 CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it
0+1 #1500303 CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
0+1 #1500304 CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
0+2 #1502589 CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 wpa_supplicant: various flaws [fedora-all]

Automated Test Results