CVE-2017-13082 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Man-in-the-middle
Description	A vulnerability has been discovered that allows accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key (PTK) while processing it.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-448	hostapd	2.6-5	2.6-6	High	Fixed
AVG-447	wpa_supplicant	1:2.6-10	1:2.6-11	High	Fixed

Date	Advisory	Group	Package	Severity	Type
16 Oct 2017	ASA-201710-23	AVG-448	hostapd	High	man-in-the-middle
16 Oct 2017	ASA-201710-22	AVG-447	wpa_supplicant	High	man-in-the-middle

References
https://w1.fi/cgit/hostap/commit/?id=0e3bd7ac684a2289aa613347e2f3ad54ad6a9449 https://w1.fi/cgit/hostap/commit/?id=e760851176c77ae6de19821bb1d5bf3ae2cb5187 https://w1.fi/cgit/hostap/commit/?id=2a9c5217b18be9462a5329626e2f95cc7dd8d4f1

References

https://w1.fi/cgit/hostap/commit/?id=0e3bd7ac684a2289aa613347e2f3ad54ad6a9449
https://w1.fi/cgit/hostap/commit/?id=e760851176c77ae6de19821bb1d5bf3ae2cb5187
https://w1.fi/cgit/hostap/commit/?id=2a9c5217b18be9462a5329626e2f95cc7dd8d4f1