code.ossystems Code Review - openembedded-core.git/commit
wpa_supplicant: fix WPA2 key replay security bug
author: Ross Burton <ross.burton@intel.com>, Mon, 16 Oct 2017 18:53:07 +0000 (19:53 +0100)
committer: Richard Purdie <richard.purdie@linuxfoundation.org>, Mon, 16 Oct 2017 22:46:18 +0000 (23:46 +0100)
commit: c79b479ab4b129007c6679bb0bdd8e2ec7ecb6ad
tree: 6141c2bc735358972e5bc6f21c6bc71bef40ce6d
parent: 0bc03289b775fefcb7f03e5463c79e4f96cd0b12

WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch [new file with mode: 0644]
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb