CWE-323: Reusing a Nonce, Key Pair in Encryption

Jouni Malinen j at
Wed Nov 1 03:20:28 PDT 2017

On Tue, Oct 31, 2017 at 05:03:12PM +0100, Radoslaw Martyniszyn wrote:
> Does vulnerability
> affect wpa_supplicant? If yes, has it already been fixed? Could you
> please tell me which commit id or patch fixes it?

That's a pointer to a definition of a generic type of implementation
issue, not a pointer to a specific security vulnerability. I guess you
are talking about the key reinstallation issues that were published
recently. This security advisory discusses their impact to

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list