Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2017:2755-1

Опубликовано: 18 окт. 2017
Источник: suse-cvrf

Описание

Security update for wpa_supplicant

This update for wpa_supplicant fixes the security issues:

  • Several vulnerabilities in standard conforming implementations of the WPA2 protocol have been discovered and published under the code name KRACK. This update remedies those issues in a backwards compatible manner, i.e. the updated wpa_supplicant can interface properly with both vulnerable and patched implementations of WPA2, but an attacker won't be able to exploit the KRACK weaknesses in those connections anymore even if the other party is still vulnerable. [bsc#1056061, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13087, CVE-2017-13088]

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.2
wpa_supplicant-2.2-13.1
wpa_supplicant-gui-2.2-13.1
openSUSE Leap 42.3
wpa_supplicant-2.2-13.1
wpa_supplicant-gui-2.2-13.1

Ссылки

Описание

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

Затронутые продукты
openSUSE Leap 42.2:wpa_supplicant-2.2-13.1
openSUSE Leap 42.2:wpa_supplicant-gui-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-gui-2.2-13.1
Ссылки

Описание

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Затронутые продукты
openSUSE Leap 42.2:wpa_supplicant-2.2-13.1
openSUSE Leap 42.2:wpa_supplicant-gui-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-gui-2.2-13.1
Ссылки

Описание

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

Затронутые продукты
openSUSE Leap 42.2:wpa_supplicant-2.2-13.1
openSUSE Leap 42.2:wpa_supplicant-gui-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-gui-2.2-13.1
Ссылки

Описание

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Затронутые продукты
openSUSE Leap 42.2:wpa_supplicant-2.2-13.1
openSUSE Leap 42.2:wpa_supplicant-gui-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-gui-2.2-13.1
Ссылки

Описание

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Затронутые продукты
openSUSE Leap 42.2:wpa_supplicant-2.2-13.1
openSUSE Leap 42.2:wpa_supplicant-gui-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-gui-2.2-13.1
Ссылки

Описание

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Затронутые продукты
openSUSE Leap 42.2:wpa_supplicant-2.2-13.1
openSUSE Leap 42.2:wpa_supplicant-gui-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-2.2-13.1
openSUSE Leap 42.3:wpa_supplicant-gui-2.2-13.1
Ссылки
Уязвимость openSUSE-SU-2017:2755-1