BSDSec

deadsimple BSD Security Advisories and Announcements

FreeBSD Security Notice: WPA2 vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Dear FreeBSD community,

As many have already noticed, there are a few newly disclosed WPA2
protocol vulnerabilities that affect wpa_supplicant and hostapd, and
that also affect all supported FreeBSD releases:

  A vulnerability was found in how a number of implementations can be
  triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by
  replaying a specific frame that is used to manage the keys.

  Such reinstallation of the encryption key can result in two different
  types of vulnerabilities: disabling replay protection and significantly
  reducing the security of encryption to the point of allowing frames to
  be decrypted or some parts of the keys to be determined by an attacker
  depending on which cipher is used.

We are actively working on a patch for the base system to address these
issues. Current users who use Wi-Fi with WPA2 should use a wired
connection as a workaround, and we strongly recommend using end-to-end
encryption methods like HTTPS or SSH to better protect against this type
of attack.  Please note that a successful attack requires close
proximity to the victim systems.

Alternatively, we recommend wpa_supplicant users who are concerned with
the issue to install an updated version from the ports/packages
collection (version 2.6_2 or later).  It can be installed via ports
with:

  portsnap fetch update
  cd /usr/ports/security/wpa_supplicant
  make clean; make all deinstall install clean;

Change /etc/rc.conf to make use of the port/package version by adding:

  wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

And restart the Wi-Fi network interfaces or reboot the system.

Additional information about this remediation will be released as
SA-17:07 once it becomes available.

For more information about the vulnerabilities, please see the following
online resources:
https://www.krackattacks.com/
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt

Sincerely,
The FreeBSD Security Team

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
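
A check for the ports workaround described in the notice above, as an added example that is not part of the FreeBSD Security Team's message: it confirms that the installed wpa_supplicant package is at least 2.6_2 and that rc.conf points at /usr/local/sbin/wpa_supplicant. The package name `wpa_supplicant`, the `--check` argument, the `RC_CONF` variable and the simplified version format are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the advisory): check that the workaround is in place.
# Assumes versions look like MAJOR.MINOR[_PORTREVISION][,PORTEPOCH].
MIN_VERSION="2.6_2"
PORT_BINARY="/usr/local/sbin/wpa_supplicant"

# Effective wpa_supplicant_program in an rc.conf-style file (last one wins).
rc_conf_program() {
    sed -n 's/^[[:space:]]*wpa_supplicant_program=//p' "$1" |
        tail -n 1 | sed 's/[[:space:]]*#.*$//' | tr -d "\"'"
}

# "2.6_2" -> "2 6 2"; a missing PORTREVISION counts as 0.
version_fields() {
    v=${1%%,*}                       # drop PORTEPOCH
    rev=0
    case $v in *_*) rev=${v##*_}; v=${v%%_*} ;; esac
    major=${v%%.*}
    case $v in *.*) minor=${v#*.}; minor=${minor%%.*} ;; *) minor=0 ;; esac
    echo "$major $minor $rev"
}

# Succeeds when version $1 is the same as or newer than version $2.
version_at_least() {
    set -- $(version_fields "$1") $(version_fields "$2")
    [ "$1" -gt "$4" ] && return 0
    [ "$1" -lt "$4" ] && return 1
    [ "$2" -gt "$5" ] && return 0
    [ "$2" -lt "$5" ] && return 1
    [ "$3" -ge "$6" ]
}

# Run on the FreeBSD host itself: ./check.sh --check
check_host() {
    rc=0
    installed=$(pkg query %v wpa_supplicant 2>/dev/null) || installed=""
    if [ -z "$installed" ]; then
        echo "FAIL: wpa_supplicant package is not installed"; rc=1
    elif ! version_at_least "$installed" "$MIN_VERSION"; then
        echo "FAIL: package $installed is older than $MIN_VERSION"; rc=1
    fi
    prog=$(rc_conf_program "${RC_CONF:-/etc/rc.conf}")
    if [ "$prog" != "$PORT_BINARY" ]; then
        echo "FAIL: rc.conf selects '${prog:-the base system binary}'"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $installed installed and selected in rc.conf"
    return "$rc"
}

if [ "${1:-}" = "--check" ]; then check_host; fi
```

The script reads a single rc.conf file and does not look at /etc/rc.conf.local; the Wi-Fi interfaces still have to be restarted, as the notice says, before the ports binary is the one running.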