CVE-2017-13084 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Man-in-the-middle
Description	A vulnerability has been discovered that allows reinstallation of the short term key (STK) in the PeerKey handshake.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-452	wpa_supplicant	1:2.6-10		High	Not affected
AVG-451	hostapd	2.6-5		High	Not affected

References
https://w1.fi/cgit/hostap/commit/?id=ff89af96e5a35c86f50330d2b86c18323318a60c

Notes
PeerKey implementation in wpa_supplicant is not fully functional and the actual installation of the key into the driver does not work. As such, this item is not applicable in practice. Furthermore, the PeerKey handshake for IEEE 802.11e DLS is obsolete and not known to have been deployed.

Notes

PeerKey implementation in wpa_supplicant is not fully functional and the actual installation of the key into the driver does not work. As such, this item is not applicable in practice. 
Furthermore, the PeerKey handshake for IEEE 802.11e DLS is obsolete and not known to have been deployed.