CVE-2017-13088 in Ubuntu

CVE-2017-13088

Priority

Description

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows
reinstallation of the Integrity Group Temporal Key (IGTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame, allowing an
attacker within radio range to replay frames from access points to clients.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13088
https://www.krackattacks.com/
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://usn.ubuntu.com/usn/usn-3455-1

Assigned-to

mdeslaur

Notes

Package

Source: wpa (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 ESM (Trusty Tahr):	released (2.1-0ubuntu1.5)
Ubuntu 16.04 LTS (Xenial Xerus):	released (2.4-0ubuntu6.2)

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2020-07-28 19:59:50 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)