PublicDateAtUSN: 2017-10-16
Candidate: CVE-2017-13086
PublicDate: 2017-10-17 13:29:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13086
 https://www.krackattacks.com/
 https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
 https://ubuntu.com/security/notices/USN-3455-1
Description:
 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled
 Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing
 an attacker within radio range to replay, decrypt, or spoof frames.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: high
Discovered-by: Mathy Vanhoef
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N [6.8 MEDIUM]


Patches_wpa:
upstream_wpa: needs-triage
precise/esm_wpa: DNE
trusty_wpa: released (2.1-0ubuntu1.5)
trusty/esm_wpa: released (2.1-0ubuntu1.5)
vivid/ubuntu-core_wpa: ignored (reached end-of-life)
xenial_wpa: released (2.4-0ubuntu6.2)
esm-infra/xenial_wpa: released (2.4-0ubuntu6.2)
zesty_wpa: released (2.4-0ubuntu9.1)
devel_wpa: released (2.4-0ubuntu10)