Security Information / 2019 / Security Information -- DSA-4538-1 wpa

Debian Security Advisory

DSA-4538-1 wpa -- security update

Date Reported:

29 Sep 2019

Affected Packages:

wpa

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 934180, Bug 940080.
In Mitre's CVE dictionary: CVE-2019-13377, CVE-2019-16275.

More information:

Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplication (station) and hostapd (access point).

• CVE-2019-13377

  A timing-based side-channel attack against WPA3's Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password.

• CVE-2019-16275

  Insufficient source address validation for some received Management frames in hostapd could lead to a denial of service for stations associated to an access point. An attacker in radio range of the access point could inject a specially constructed unauthenticated IEEE 802.11 frame to the access point to cause associated stations to be disconnected and require a reconnection to the network.

For the stable distribution (buster), these problems have been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u1.

We recommend that you upgrade your wpa packages.

For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wpa