[FS#1069] update wireless to address new WPA2 4-way handshake vulns

LEDE Bugs lede-bugs at lists.infradead.org
Mon Oct 16 14:07:21 PDT 2017


A new Flyspray task has been opened.  Details are below. 

User who did this - Ian MacDonald (imac) 

Attached to Project - LEDE Project
Summary - update wireless to address new WPA2 4-way handshake vulns
Task Type - Bug Report
Category - Base system
Status - Unconfirmed
Assigned To - 
Operating System - All
Severity - High
Priority - Very Low
Reported Version - Trunk
Due in Version - Undecided
Due Date - Undecided
Details - Based on some of the preliminary findings, it looks like the LEDE system will be impacted by the WPA2 vulns similar to other Linux-based wifi. A quick bump here to allow for tracking.

CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake. (https://nvd.nist.gov/vuln/detail/CVE-2017-13077)
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake. (https://nvd.nist.gov/vuln/detail/CVE-2017-13078)
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake. (https://nvd.nist.gov/vuln/detail/CVE-2017-13079)
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake. (https://nvd.nist.gov/vuln/detail/CVE-2017-13080)
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake. (https://nvd.nist.gov/vuln/detail/CVE-2017-13081)
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it. (https://nvd.nist.gov/vuln/detail/CVE-2017-13082)
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake. (https://nvd.nist.gov/vuln/detail/CVE-2017-13084)
CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake. (https://nvd.nist.gov/vuln/detail/CVE-2017-13086)
CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. (https://nvd.nist.gov/vuln/detail/CVE-2017-13087)
CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame. (https://nvd.nist.gov/vuln/detail/CVE-2017-13088)

A quick read on impact: https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping

More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=1069


