CVE-2017-13084 log
Source |
|
Severity | High |
Remote | Yes |
Type | Man-in-the-middle |
Description | A vulnerability has been discovered that allows reinstallation of the short term key (STK) in the PeerKey handshake. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-452 | wpa_supplicant | 1:2.6-10 | High | Not affected | ||
AVG-451 | hostapd | 2.6-5 | High | Not affected |
References |
---|
https://w1.fi/cgit/hostap/commit/?id=ff89af96e5a35c86f50330d2b86c18323318a60c |
Notes |
---|
PeerKey implementation in wpa_supplicant is not fully functional and the actual installation of the key into the driver does not work. As such, this item is not applicable in practice. Furthermore, the PeerKey handshake for IEEE 802.11e DLS is obsolete and not known to have been deployed. |