NetBSD Information for VU#228519
Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse
- Vendor Information Help Date Notified: 28 Aug 2017
- Statement Date: 17 Oct 2017
- Date Updated: 17 Oct 2017
For CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13084 CVE-2017-13086
CVE-2017-13087 CVE-2017-13088 aka KRACK Attacks as covered in:
wpa_supplicant has been patched in our packaging system (pkgsrc) http://mail-index.netbsd.org/pkgsrc-changes/2017/10/16/msg165381.html
And for NetBSD itself, a patch has been commited to the HEAD of the tree & is pending to be merged into the NetBSD/6, 7, 8 branches.
We are not aware of further vendor information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.