wpa_supplicant: fix WPA2 key replay security bug
WPA2 is vulnerable to replay attacks which result in unauthenticated users having access to the network. * CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake * CVE-2017-13078: reinstallation of the group key in the Four-way handshake * CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake * CVE-2017-13080: reinstallation of the group key in the Group Key handshake * CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake * CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it * CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake * CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame * CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame Backport patches from upstream to resolve these CVEs. (From OE-Core rev: 28d2d47f2a4fc3eb649cf58e82bce0525ab0bc74) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
b1f14ecddf
commit
827eb5b232
File diff suppressed because it is too large
Load Diff
|
@ -24,6 +24,7 @@ SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \
|
||||||
file://wpa_supplicant.conf \
|
file://wpa_supplicant.conf \
|
||||||
file://wpa_supplicant.conf-sane \
|
file://wpa_supplicant.conf-sane \
|
||||||
file://99_wpa_supplicant \
|
file://99_wpa_supplicant \
|
||||||
|
file://key-replay-cve-multiple.patch \
|
||||||
"
|
"
|
||||||
SRC_URI[md5sum] = "091569eb4440b7d7f2b4276dbfc03c3c"
|
SRC_URI[md5sum] = "091569eb4440b7d7f2b4276dbfc03c3c"
|
||||||
SRC_URI[sha256sum] = "b4936d34c4e6cdd44954beba74296d964bc2c9668ecaa5255e499636fe2b1450"
|
SRC_URI[sha256sum] = "b4936d34c4e6cdd44954beba74296d964bc2c9668ecaa5255e499636fe2b1450"
|
||||||
|
|
Loading…
Reference in New Issue