Diffstat (limited to 'meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple5.patch')
-rw-r--r-- | meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple5.patch | 81 |
1 files changed, 81 insertions, 0 deletions
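--- /dev/null
+++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple5.patch
@@ -0,0 +1,81 @@
+The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
+result in unauthenticated clients gaining access to the network.
+
+Backport a number of patches from upstream to fix this.
+
+CVE: CVE-2017-13077
+CVE: CVE-2017-13078
+CVE: CVE-2017-13079
+CVE: CVE-2017-13080
+CVE: CVE-2017-13081
+CVE: CVE-2017-13082
+CVE: CVE-2017-13086
+CVE: CVE-2017-13087
+CVE: CVE-2017-13088
+
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From 12fac09b437a1dc8a0f253e265934a8aaf4d2f8b Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Sun, 1 Oct 2017 12:32:57 +0300
+Subject: [PATCH 5/8] Fix PTK rekeying to generate a new ANonce
+
+The Authenticator state machine path for PTK rekeying ended up bypassing
+the AUTHENTICATION2 state where a new ANonce is generated when going
+directly to the PTKSTART state since there is no need to try to
+determine the PMK again in such a case. This is far from ideal since the
+new PTK would depend on a new nonce only from the supplicant.
+
+Fix this by generating a new ANonce when moving to the PTKSTART state
+for the purpose of starting new 4-way handshake to rekey PTK.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+src/ap/wpa_auth.c | 24 +++++++++++++++++++++---
+1 file changed, 21 insertions(+), 3 deletions(-)
+
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 707971d..bf10cc1 100644
+--- a/src/ap/wpa_auth.c
++++ b/src/ap/wpa_auth.c
+@@ -1901,6 +1901,21 @@ SM_STATE(WPA_PTK, AUTHENTICATION2)
+}
+
+
++static int wpa_auth_sm_ptk_update(struct wpa_state_machine *sm)
++{
++ if (random_get_bytes(sm->ANonce, WPA_NONCE_LEN)) {
++ wpa_printf(MSG_ERROR,
++ "WPA: Failed to get random data for ANonce");
++ sm->Disconnect = TRUE;
++ return -1;
++ }
++ wpa_hexdump(MSG_DEBUG, "WPA: Assign new ANonce", sm->ANonce,
++ WPA_NONCE_LEN);
++ sm->TimeoutCtr = 0;
++ return 0;
++}
++
++
+SM_STATE(WPA_PTK, INITPMK)
+{
+u8 msk[2 * PMK_LEN];
+@@ -2458,9 +2473,12 @@ SM_STEP(WPA_PTK)
+SM_ENTER(WPA_PTK, AUTHENTICATION);
+else if (sm->ReAuthenticationRequest)
+SM_ENTER(WPA_PTK, AUTHENTICATION2);
+- else if (sm->PTKRequest)
+- SM_ENTER(WPA_PTK, PTKSTART);
+- else switch (sm->wpa_ptk_state) {
++ else if (sm->PTKRequest) {
++ if (wpa_auth_sm_ptk_update(sm) < 0)
++ SM_ENTER(WPA_PTK, DISCONNECTED);
++ else
++ SM_ENTER(WPA_PTK, PTKSTART);
++ } else switch (sm->wpa_ptk_state) {
+case WPA_PTK_INITIALIZE:
+break;
+case WPA_PTK_DISCONNECT:
+--
+2.7.4
\ No newline at end of file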
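Review bot: The summary at the top of the added file (replay attacks letting unauthenticated clients gain access to the network) does not describe what this patch's own commit message says it fixes, namely the Authenticator reusing its ANonce on PTK rekey so that the rekeyed PTK depends only on the supplicant's nonce; a header line matching the upstream subject, e.g. `Fix PTK rekeying to generate a new ANonce so a rekeyed PTK is not derived from a supplicant-only nonce`, would keep the file self-explanatory. The nine `CVE:` tags cover the whole 8-patch series rather than this 5/8 patch, and since cve-check keys on these tags, if the sibling files carry the same list every CVE is reported as fixed while any single file is present, so consider tagging each file with only the CVEs it addresses. The added wpa_auth_sm_ptk_update() is complete within the hunk, but the SM_STEP(WPA_PTK) body it is called from starts and ends outside it. The recipe's SRC_URI entry referencing this file is not part of this diff; presumably it is added in the accompanying .bb change.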