Commit - rpms/wpa_supplicant - fbf8c1b45689657cfceb730fcc908643527c988c

    Fix the "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2" issues
    
    Upstream advisory: https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
    Details and the paper: https://www.krackattacks.com/
    
    - hostapd: Avoid key reinstallation in FT handshake (CVE-2017-13082)
    - Fix PTK rekeying to generate a new ANonce
    - Prevent reinstallation of an already in-use group key and extend
      protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
      (CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,
      CVE-2017-13087, CVE-2017-13088)
    - Prevent installation of an all-zero TK
    - TDLS: Reject TPK-TK reconfiguration
    - WNM: Ignore WNM-Sleep Mode Response without pending request
    - FT: Do not allow multiple Reassociation Response frames

rebased-v2.6-0001-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch

file added

+174

rebased-v2.6-0002-Prevent-reinstallation-of-an-already-in-use-group-ke.patch

file added

+250

rebased-v2.6-0003-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch

file added

+184

rebased-v2.6-0004-Prevent-installation-of-an-all-zero-TK.patch

file added

+79

rebased-v2.6-0005-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch

file added

+64

rebased-v2.6-0006-TDLS-Reject-TPK-TK-reconfiguration.patch

file added

+132

rebased-v2.6-0007-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch

file added

+43

rebased-v2.6-0008-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch

file added

+82

sources

file modified

+1 -1

wpa_supplicant.spec

file modified

+42 -7

rpms / wpa_supplicant

Source Code

fbf8c1b Fix the "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2" issues

Authored and Committed by lkundrak 6 years ago

`fbf8c1b` Fix the "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2" issues