diff options
| author | Ross Burton <ross.burton@intel.com> | 2017-10-16 23:23:37 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-10-16 23:47:12 +0100 |
| commit | 54e3f82bd77203c3d578e26c86506e6ef5c27000 (patch) | |
| tree | ad789b74f4fb4f8f3732feeb82d624b1d8fe0bf7 /meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb | |
| parent | 426bc4c3575a85391a60328edb1f7c6a6bdb95fd (diff) | |
| download | poky-54e3f82bd77203c3d578e26c86506e6ef5c27000.tar.gz | |
wpa_supplicant: fix WPA2 key replay security bug
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.
* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
* CVE-2017-13078: reinstallation of the group key in the Four-way handshake
* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake
* CVE-2017-13080: reinstallation of the group key in the Group Key handshake
* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake
* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it
* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake
* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame
* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame
Backport patches from upstream to resolve these CVEs.
(From OE-Core rev: bfa04fa71c47e8fe9528208848cfcec2e232777d)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb')
| -rw-r--r-- | meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb index a4160e1c5c..f4b3b6a887 100644 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb | |||
| @@ -29,6 +29,7 @@ SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \ | |||
| 29 | file://0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch \ | 29 | file://0001-Reject-psk-parameter-set-with-invalid-passphrase-cha.patch \ |
| 30 | file://0002-Reject-SET_CRED-commands-with-newline-characters-in-.patch \ | 30 | file://0002-Reject-SET_CRED-commands-with-newline-characters-in-.patch \ |
| 31 | file://0003-Reject-SET-commands-with-newline-characters-in-the-s.patch \ | 31 | file://0003-Reject-SET-commands-with-newline-characters-in-the-s.patch \ |
| 32 | file://key-replay-cve-multiple.patch \ | ||
| 32 | " | 33 | " |
| 33 | SRC_URI[md5sum] = "96ff75c3a514f1f324560a2376f13110" | 34 | SRC_URI[md5sum] = "96ff75c3a514f1f324560a2376f13110" |
| 34 | SRC_URI[sha256sum] = "cce55bae483b364eae55c35ba567c279be442ed8bab5b80a3c7fb0d057b9b316" | 35 | SRC_URI[sha256sum] = "cce55bae483b364eae55c35ba567c279be442ed8bab5b80a3c7fb0d057b9b316" |