diff options
author | Mark Hatle <mark.hatle@windriver.com> | 2017-10-16 12:43:36 -0400 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2017-10-16 14:39:31 -0700 |
commit | 35076e347be65073a7f9d0598d2e1664aed86fa4 (patch) | |
tree | c16e7586d5e6f826d536514ff0689e6d2049cf82 /meta-oe/recipes-navigation/geoclue | |
parent | 3552877d24845689e7d4e7919ff7b372da70dd40 (diff) | |
download | meta-openembedded-contrib-35076e347be65073a7f9d0598d2e1664aed86fa4.tar.gz |
hostapd: fix WPA2 key replay security bug
Note, hostapd and wpa_supplicant use the same sources. This commit is based
on Ross Burton's change to OpenEmbedded-core. Below is Ross's commit message
from OpenEmbedded-Core.
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.
* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
* CVE-2017-13078: reinstallation of the group key in the Four-way handshake
* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake
* CVE-2017-13080: reinstallation of the group key in the Group Key handshake
* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake
* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it
* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake
* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame
* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame
Backport patches from upstream to resolve these CVEs.
Signed-off-by: Ross Burton <ross.burton@intel.com>
The hunk:
[PATCH 7/8] WNM: Ignore WNM-Sleep Mode Response without pending request
does not apply to hostapd and was removed from the patch.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
(cherry picked from commit ed6b5da8740034faf599010c12e3dc77e5490cd4)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-oe/recipes-navigation/geoclue')
0 files changed, 0 insertions, 0 deletions