AVG-451 - log back

AVG-451 created at 25 Sep 2019 19:31:50
Packages
+ hostapd
Issues
+ CVE-2017-13084
Status
+ Not affected
Severity
+ High
Affected
+ 2.6-5
Fixed
Ticket
Advisory qualified
+ No
References
+ https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
+ https://papers.mathyvanhoef.com/ccs2017.pdf
+ https://www.kb.cert.org/vuls/id/228519
+ https://www.krackattacks.com/
Notes
+ PeerKey implementation in wpa_supplicant is not fully functional and the actual installation of the key into the driver does not work. As such, this item is not applicable in practice.
+ Furthermore, the PeerKey handshake for IEEE 802.11e DLS is obsolete and not known to have been deployed.