ID:

CVE-2017-13082 (NVD)

- Vulnerability Info (edit)
2017-10-17

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Products Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant
Type 7PK - Security Features (CWE-254)
First patch - None (likely due to unavailable code)
Patches https://github.com/vanhoefm/krackattacks-test-ap-ft
Links https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
https://support.lenovo.com/us/en/product_security/LEN-17420
https://www.krackattacks.com/
http://www.securitytracker.com/id/1039570
Annotation

Note:

No patch was assigned yet.