1 files changed, 81 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple5.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple5.patch
new file mode 100644
index 0000000000..b262dcac55
--- /dev/null
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple5.patch
@@ -0,0 +1,81 @@
+The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
+result in unauthenticated clients gaining access to the network.
+Backport a number of patches from upstream to fix this.
+CVE: CVE-2017-13077
+CVE: CVE-2017-13078
+CVE: CVE-2017-13079
+CVE: CVE-2017-13080
+CVE: CVE-2017-13081
+CVE: CVE-2017-13082
+CVE: CVE-2017-13086
+CVE: CVE-2017-13087
+CVE: CVE-2017-13088
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+From 12fac09b437a1dc8a0f253e265934a8aaf4d2f8b Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sun, 1 Oct 2017 12:32:57 +0300
+Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce
+The Authenticator state machine path for PTK rekeying ended up bypassing
+the AUTHENTICATION2 state where a new ANonce is generated when going
+directly to the PTKSTART state since there is no need to try to
+determine the PMK again in such a case. This is far from ideal since the
+new PTK would depend on a new nonce only from the supplicant.
+Fix this by generating a new ANonce when moving to the PTKSTART state
+for the purpose of starting new 4-way handshake to rekey PTK.
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/ap/wpa_auth.c | 24 +++++++++++++++++++++---
+ 1 file changed, 21 insertions(+), 3 deletions(-)
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 707971d..bf10cc1 100644
+--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
+@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
+ }
+ 
+ 
+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
+{
+       if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
+               wpa_printf(MSG_ERROR,
+                          "WPA: Failed to get random data for ANonce");
+               sm->Disconnect = TRUE;
+               return -1;
+       }
+       wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
+                   WPA_NONCE_LEN);
+       sm->TimeoutCtr = 0;
+       return 0;
+}
+
+
+ SM_STATE(WPA_PTK, INITPMK)
+ {
+        u8 msk[2 * PMK_LEN];
+@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
+                SM_ENTER(WPA_PTK, AUTHENTICATION);
+        else if (sm->ReAuthenticationRequest)
+                SM_ENTER(WPA_PTK, AUTHENTICATION2);
+-       else if (sm->PTKRequest)
+-               SM_ENTER(WPA_PTK, PTKSTART);
+-       else switch (sm->wpa_ptk_state) {
+       else if (sm->PTKRequest) {
+               if (wpa_auth_sm_ptk_update(sm) < 0)
+                       SM_ENTER(WPA_PTK, DISCONNECTED);
+               else
+                       SM_ENTER(WPA_PTK, PTKSTART);
+       } else switch (sm->wpa_ptk_state) {
+        case WPA_PTK_INITIALIZE:
+                break;
+        case WPA_PTK_DISCONNECT:
+-- 
+2.7.4
+\ No newline at end of file

diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple5.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple5.patch new file mode 100644 index 0000000000..b262dcac55 --- /dev/null +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple5.patch
@@ -0,0 +1,81 @@
	1	The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
	2	result in unauthenticated clients gaining access to the network.
	3
	4	Backport a number of patches from upstream to fix this.
	5
	6	CVE: CVE-2017-13077
	7	CVE: CVE-2017-13078
	8	CVE: CVE-2017-13079
	9	CVE: CVE-2017-13080
	10	CVE: CVE-2017-13081
	11	CVE: CVE-2017-13082
	12	CVE: CVE-2017-13086
	13	CVE: CVE-2017-13087
	14	CVE: CVE-2017-13088
	15
	16	Upstream-Status: Backport
	17	Signed-off-by: Ross Burton <ross.burton@intel.com>
	18
	19	From 12fac09b437a1dc8a0f253e265934a8aaf4d2f8b Mon Sep 17 00:00:00 2001
	20	From: Jouni Malinen <j@w1.fi>
	21	Date: Sun, 1 Oct 2017 12:32:57 +0300
	22	Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce
	23
	24	The Authenticator state machine path for PTK rekeying ended up bypassing
	25	the AUTHENTICATION2 state where a new ANonce is generated when going
	26	directly to the PTKSTART state since there is no need to try to
	27	determine the PMK again in such a case. This is far from ideal since the
	28	new PTK would depend on a new nonce only from the supplicant.
	29
	30	Fix this by generating a new ANonce when moving to the PTKSTART state
	31	for the purpose of starting new 4-way handshake to rekey PTK.
	32
	33	Signed-off-by: Jouni Malinen <j@w1.fi>
	34	---
	35	src/ap/wpa_auth.c \| 24 +++++++++++++++++++++---
	36	1 file changed, 21 insertions(+), 3 deletions(-)
	37
	38	diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
	39	index 707971d..bf10cc1 100644
	40	--- a/src/ap/wpa_auth.c
	41	+++ b/src/ap/wpa_auth.c
	42	@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
	43	}
	44
	45
	46	+static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
	47	+{
	48	+ if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
	49	+ wpa_printf(MSG_ERROR,
	50	+ "WPA: Failed to get random data for ANonce");
	51	+ sm->Disconnect = TRUE;
	52	+ return -1;
	53	+ }
	54	+ wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
	55	+ WPA_NONCE_LEN);
	56	+ sm->TimeoutCtr = 0;
	57	+ return 0;
	58	+}
	59	+
	60	+
	61	SM_STATE(WPA_PTK, INITPMK)
	62	{
	63	u8 msk[2 * PMK_LEN];
	64	@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
	65	SM_ENTER(WPA_PTK, AUTHENTICATION);
	66	else if (sm->ReAuthenticationRequest)
	67	SM_ENTER(WPA_PTK, AUTHENTICATION2);
	68	- else if (sm->PTKRequest)
	69	- SM_ENTER(WPA_PTK, PTKSTART);
	70	- else switch (sm->wpa_ptk_state) {
	71	+ else if (sm->PTKRequest) {
	72	+ if (wpa_auth_sm_ptk_update(sm) < 0)
	73	+ SM_ENTER(WPA_PTK, DISCONNECTED);
	74	+ else
	75	+ SM_ENTER(WPA_PTK, PTKSTART);
	76	+ } else switch (sm->wpa_ptk_state) {
	77	case WPA_PTK_INITIALIZE:
	78	break;
	79	case WPA_PTK_DISCONNECT:
	80	--
	81	2.7.4 \ No newline at end of file