{"id":"MGASA-2017-0379","summary":"Updated wpa_supplicant and hostapd packages fix security vulnerabilities","details":"Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly\nhandled WPA2. A remote attacker could use this issue with key\nreinstallation attacks to obtain sensitive information. (CVE-2017-13077,\nCVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,\nCVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)\n","modified":"2026-02-01T18:34:26.736248Z","published":"2017-10-19T18:14:02Z","related":["CVE-2017-13077","CVE-2017-13078","CVE-2017-13079","CVE-2017-13080","CVE-2017-13081","CVE-2017-13082","CVE-2017-13086","CVE-2017-13087","CVE-2017-13088"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0379.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21879"},{"type":"REPORT","url":"https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"}],"affected":[{"package":{"name":"hostapd","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/hostapd?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0379.json"}},{"package":{"name":"wpa_supplicant","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/wpa_supplicant?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0379.json"}},{"package":{"name":"hostapd","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/hostapd?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6-1.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0379.json"}},{"package":{"name":"wpa_supplicant","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/wpa_supplicant?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6-1.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0379.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}