CVE-2017-13077 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Man-in-the-middle
Description	A vulnerability has been discovered that allows reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-448	hostapd	2.6-5	2.6-6	High	Fixed
AVG-447	wpa_supplicant	1:2.6-10	1:2.6-11	High	Fixed

Date	Advisory	Group	Package	Severity	Type
16 Oct 2017	ASA-201710-23	AVG-448	hostapd	High	man-in-the-middle
16 Oct 2017	ASA-201710-22	AVG-447	wpa_supplicant	High	man-in-the-middle

References
https://w1.fi/cgit/hostap/commit/?id=53bb18cc8b7a4da72e47e4b3752d0d2135cffb23 https://w1.fi/cgit/hostap/commit/?id=0adc9b28b39d414d5febfff752f6a1576f785c85