CVE-2017-13077 in Ubuntu

CVE-2017-13077

Priority

Description

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise
Transient Key (PTK) Temporal Key (TK) during the four-way handshake,
allowing an attacker within radio range to replay, decrypt, or spoof
frames.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13077
https://www.krackattacks.com/
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://usn.ubuntu.com/usn/usn-3455-1

Assigned-to

mdeslaur

Notes

Package

Source: wpa (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	released (2.1-0ubuntu1.5)
Ubuntu 16.04 LTS (Xenial Xerus):	released (2.4-0ubuntu6.2)

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2019-12-05 18:48:05 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)