FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- WPA2 protocol vulnerability

Affected packages
11.1 <= FreeBSD < 11.1_2
11.0 <= FreeBSD < 11.0_13
10.4 <= FreeBSD < 10.4_1
10.3 <= FreeBSD < 10.3_22

Details

VuXML ID 1f8de723-dab3-11e7-b5af-a4badb2f4699
Discovery 2017-10-16
Entry 2017-12-06

Problem Description:

A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

Impact:

Such reinstallation of the encryption key can result in two different types of vulnerabilities: disabling replay protection and significantly reducing the security of encryption to the point of allowing frames to be decrypted or some parts of the keys to be determined by an attacker depending on which cipher is used.

References

CVE Name CVE-2017-1307
CVE Name CVE-2017-1308
FreeBSD Advisory SA-17:07.wpa