Описание
Security update for wpa_supplicant
This update for wpa_supplicant fixes the security issues:
- Several vulnerabilities in standard conforming implementations of the WPA2 protocol have been discovered and published under the code name KRACK. This update remedies those issues in a backwards compatible manner, i.e. the updated wpa_supplicant can interface properly with both vulnerable and patched implementations of WPA2, but an attacker won't be able to exploit the KRACK weaknesses in those connections anymore even if the other party is still vulnerable. [bsc#1056061, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088]
Список пакетов
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE OpenStack Cloud 6
Ссылки
- Link for SUSE-SU-2017:2745-1
- E-Mail link for SUSE-SU-2017:2745-1
- SUSE Security Ratings
- SUSE Bug 1056061
- SUSE CVE CVE-2017-13078 page
- SUSE CVE CVE-2017-13079 page
- SUSE CVE CVE-2017-13080 page
- SUSE CVE CVE-2017-13081 page
- SUSE CVE CVE-2017-13087 page
- SUSE CVE CVE-2017-13088 page
Описание
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
Затронутые продукты
Ссылки
- CVE-2017-13078
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1063667
- SUSE Bug 1179588
Описание
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Затронутые продукты
Ссылки
- CVE-2017-13079
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1179588
Описание
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
Затронутые продукты
Ссылки
- CVE-2017-13080
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1063667
- SUSE Bug 1063671
- SUSE Bug 1066295
- SUSE Bug 1105108
- SUSE Bug 1178872
- SUSE Bug 1179588
Описание
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Затронутые продукты
Ссылки
- CVE-2017-13081
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1066295
- SUSE Bug 1105108
- SUSE Bug 1179588
Описание
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
Затронутые продукты
Ссылки
- CVE-2017-13087
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1179588
Описание
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
Затронутые продукты
Ссылки
- CVE-2017-13088
- SUSE Bug 1056061
- SUSE Bug 1063479
- SUSE Bug 1179588