Bug 223051
| Summary: | security/vuxml: Document vulnerability in wpa_supplicant and hostapd | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | VK <vlad-fbsd> | ||||
| Component: | Individual Port(s) | Assignee: | Ports Security Team <ports-secteam> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Some People | CC: | leres | ||||
| Priority: | --- | Keywords: | patch, security | ||||
| Version: | Latest | Flags: | bugzilla:
maintainer-feedback?
(ports-secteam) |
||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| URL: | http://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt | ||||||
| Attachments: |
|
||||||
Notify hostapd maintainer. A commit references this bug: Author: swills Date: Mon Oct 16 19:57:56 UTC 2017 New revision: 452248 URL: https://svnweb.freebsd.org/changeset/ports/452248 Log: Document hostapd and wpa_supplicant issue PR: 223051 Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> Changes: head/security/vuxml/vuln.xml Committed, thanks! |
Created attachment 187219 [details] Document vulnerability in WPA A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys. This set of vulnerabilities is also known as "KRACKs", or "Key Reinstallation Attacks".