cve-2017-13077 - WPA2 security vulni
Stefan Esser
se at freebsd.org
Mon Oct 16 11:19:24 UTC 2017
Am 16.10.17 um 12:38 schrieb blubee blubeeme:
> well, that's a cluster if I ever seen one.
>
> On Mon, Oct 16, 2017 at 6:35 PM, Poul-Henning Kamp <phk at phk.freebsd.dk>
> wrote:
>
>> --------
>> In message <CALM2mEmawo7q7GNYLQZPovPVP3dQun5S4Aa4J8Cw2nK8g6Ux4Q at mail.
>> gmail.com>
>> , blubee blubeeme writes:
>>
>>> Does anyone on FreeBSD know if it's affected by this?
>>> https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-13077
>>
>> It is, same as Linux, we use the same wpa_supplicant software
The attached patch includes the official patch applied by the WPA
developers in https://w1.fi/cgit/hostap/commit/?id=a00e946 but
for our version of wpa_supplicant in /usr/src/contrib.
Regards, STefan
-------------- next part --------------
Index: contrib/wpa/src/rsn_supp/wpa.c
===================================================================
--- contrib/wpa/src/rsn_supp/wpa.c (Revision 324638)
+++ contrib/wpa/src/rsn_supp/wpa.c (Arbeitskopie)
@@ -1534,6 +1534,14 @@
sm->ptk_set = 1;
os_memcpy(&sm->ptk, &sm->tptk, sizeof(sm->ptk));
os_memset(&sm->tptk, 0, sizeof(sm->tptk));
+ /*
+ * This assures the same TPTK in sm->tptk can never be
+ * copied twice to sm->pkt as the new PTK. In
+ * combination with the installed flag in the wpa_ptk
+ * struct, this assures the same PTK is only installed
+ * once.
+ */
+ sm->renew_snonce = 1;
}
}
More information about the freebsd-current
mailing list