Description
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker who successfully bootstrapped public keys with another entity using PKEX in the past will be able to subvert a future bootstrapping by passively observing public keys, reusing the encrypting element Qi, and subtracting it from the captured message M (X = M - Qi). This yields the public ephemeral key X, the only element required to subvert the PKEX association.
A flaw was found in hostapd. This vulnerability allows an attacker to subvert future PKEX associations via passive observation and reuse of public key exchange elements.
Report
This vulnerability is marked as important severity rather than moderate because it enables an attacker with prior PKEX bootstrapping knowledge to passively extract the ephemeral public key (X) from a subsequent exchange, effectively bypassing authentication and subverting the DPP onboarding process. Unlike a moderate vulnerability, which typically requires active exploitation or additional preconditions, this attack is low-interaction and stealthy, requiring only passive observation of a legitimate exchange. Furthermore, since PKEX is designed for out-of-band authentication in secure provisioning scenarios, its compromise undermines the integrity of device onboarding, potentially leading to unauthorized network access or man-in-the-middle (MitM) attacks.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | hostapd | Not affected | | |
| Red Hat Enterprise Linux 8 | hostapd | Will not fix | | |
| Red Hat Enterprise Linux 9 | hostapd | Affected | | |
Additional information
Status:
7.4 High
CVSS3