CVE-2017-13088 in Ubuntu

CVE-2017-13088 (retired)

Priority

Description

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows
reinstallation of the Integrity Group Temporal Key (IGTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame, allowing an
attacker within radio range to replay frames from access points to clients.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088
https://www.krackattacks.com/
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://usn.ubuntu.com/usn/usn-3455-1

Assigned-to

mdeslaur

Package

Source: wpa (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	released (2.1-0ubuntu1.5)
Ubuntu 16.04 LTS (Xenial Xerus):	released (2.4-0ubuntu6.2)

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2019-03-26 12:24:52 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)