AVG-454 log

Package wpa_supplicant
Status Fixed
Severity High
Type man-in-the-middle
Affected 1:2.5-1
Fixed 1:2.6-1
Current 2:2.9-2 [core]
Ticket None
Created Mon Oct 16 22:24:58 2017
Issue Severity Remote Type Description
CVE-2017-13086 High Yes Man-in-the-middle
A vulnerability has been discovered that allows reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
References
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://papers.mathyvanhoef.com/ccs2017.pdf
https://www.kb.cert.org/vuls/id/228519
https://www.krackattacks.com/