From owner-freebsd-current@freebsd.org Mon Oct 16 18:50:55 2017 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6464BE41DFC for ; Mon, 16 Oct 2017 18:50:55 +0000 (UTC) (envelope-from cy.schubert@komquats.com) Received: from smtp-out-so.shaw.ca (smtp-out-so.shaw.ca [64.59.136.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 13B8367E8B; Mon, 16 Oct 2017 18:50:54 +0000 (UTC) (envelope-from cy.schubert@komquats.com) Received: from spqr.komquats.com ([96.50.22.10]) by shaw.ca with SMTP id 4ATMeaTVI8LPZ4ATNedYr7; Mon, 16 Oct 2017 12:50:48 -0600 X-Authority-Analysis: v=2.2 cv=e552ceh/ c=1 sm=1 tr=0 a=jvE2nwUzI0ECrNeyr98KWA==:117 a=jvE2nwUzI0ECrNeyr98KWA==:17 a=02M-m0pO-4AA:10 a=YxBL1-UpAAAA:8 a=6I5d2MoRAAAA:8 a=pGLkceISAAAA:8 a=BWvPGDcYAAAA:8 a=yaAG3qJ-AAAA:8 a=oneE3R1DAAAA:8 a=wjnT2uRbSL4dhbCOqnIA:9 a=A5avnIW0mJSAs4rF:21 a=lCep0r7k_pUFfa6V:21 a=CjuIK1q_8ugA:10 a=a4w0SzYmEskA:10 a=Ytm8v_FqGBcA:10 a=vCSivk8bNPtGoeRK4R8A:9 a=N3Fj-2trIw4JOXQY:21 a=cr1uzddsactaBIWy:21 a=aiaJdd3xnvG7-4FN:21 a=_W_S_7VecoQA:10 a=Fj9iO6pqr7gSyLvOkxId:22 a=Ia-lj3WSrqcvXOmTRaiG:22 a=IjZwj45LgO3ly-622nXo:22 a=pxhY87DP9d2VeQe4joPk:22 a=oLVlbjkABFOu4cUI0CGI:22 a=2Fs401WYdkfDm1j_wOhm:22 Received: from [25.172.12.81] (S0106d4ca6d8943b0.gv.shawcable.net [24.68.134.59]) by spqr.komquats.com (Postfix) with ESMTPSA id 94859750; Mon, 16 Oct 2017 11:50:12 -0700 (PDT) MIME-Version: 1.0 From: Cy Schubert Subject: RE: cve-2017-13077 - WPA2 security vulni Date: Mon, 16 Oct 2017 11:50:20 -0700 To: "Rodney W. Grimes" , Kevin Oberman CC: Adrian Chadd , Lev Serebryakov , blubee blubeeme , Poul-Henning Kamp , FreeBSD current Message-Id: <20171016185014.94859750@spqr.komquats.com> X-CMAE-Envelope: MS4wfLTQq3DnJi2O3LnP1j3rCbciNmGrk6LlXWMkwqSR9P0f+aj63KJpPnQQIc9FC0IEphJxf24pVdoSH6kxMdTeTHOzjiR1RzNZw9wWh3vGokIhynVOAgi0 eEVbp9Jh1H38bY4Cgg3LiRtbE3pvcLye3ba96SXpZ2eWAy+ujIFCQ2Xo2AtmHidMfKr996OAE5RjqApzjuWbSSiYI+woSqdeHTtHniVj+0laOOFCu2HG/7Tk u5rzooWO4K2L5eA2JtgrPIbK1JkMiWadYDJUQuYLxHT3q9HX1VNDjjbYmMssQ968V3ykm+8NGNfmiVq0iFLmaEkdtve1HN1IRl3Mt6nPFS/0S4nEf3rSdAVW XFwg1KvKkCd1JGArkR+Hud8YF2ycBZoBHD+guAZFM+/AlwNLcPc= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Oct 2017 18:50:55 -0000 Eight patches have been posted so, it should be easy to patch 2.5, MFC, and= bring head up to 2.6 later. This should avoid the risk of possible regress= ions. I haven't looked at the ports. --- Sent using a tiny phone keyboard. Apologies for any typos and autocorrect. Cy Schubert or -----Original Message----- From: Rodney W. Grimes Sent: 16/10/2017 11:14 To: Kevin Oberman Cc: Adrian Chadd; Cy Schubert; Lev Serebryakov; blubee blubeeme; Poul-Henni= ng Kamp; FreeBSD current Subject: Re: cve-2017-13077 - WPA2 security vulni > On Mon, Oct 16, 2017 at 8:55 AM, Adrian Chadd > wrote: >=20 > > hi, > > > > I got the patches a couple days ago. I've been busy with personal life > > stuff so I haven't updated our in-tree hostapd/wpa_supplicant. If > > someone beats me to it, great, otherwise I'll try to do it in the next > > couple days. > > > > I was hoping (!) for a hostap/wpa_supplicant 2.7 update to just update > > everything to but so far nope. It should be easy enough to update the > > port for now as it's at 2.6. > > > > > > > > -adrian > > > > > > On 16 October 2017 at 06:04, Cy Schubert wro= te: > > > In message <44161b4d-f834-a01d-6ddb-475f208762f9@FreeBSD.org>, Lev > > Serebryakov > > > writes: > > >> On 16.10.2017 13:38, blubee blubeeme wrote: > > >> > > >> > well, that's a cluster if I ever seen one. > > >> It is really cluster: CVE-2017-13077, CVE-2017-13078, CVE-2017-1307= 9, > > >> CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, > > >> CVE-2017-13086,CVE-2017-13087, CVE-2017-13088. > > > > > > The gory details are here: https://w1.fi/security/2017-1/ > > wpa-packet-number-reuse-with-replayed-messages.txt > > > > > > The announcement is here: > > > https://www.krackattacks.com/ > > > > > > > > > -- > > > Cheers, > > > Cy Schubert > > > FreeBSD UNIX: Web: http://www.FreeBSD.org > > > > > > The need of the many outweighs the greed of the few. > > > > > >=20 > While I do not encourage waiting, it is quite likely that the upstream > patch wil show up very soon now that the vulnerability is public. >=20 > It's also worth noting that fixing either end of the connection is all th= at > is required, as I understand it. So getting an update for your AP is not > required. That is very fortunate as the industry has a rather poor record > of getting out firmware updates for hardware more than a few months old. > Also, it appears that Windows and iOS are not vulnerable due to flaws in > their implementation of the WPA2 spec. (Of course, if you update your > AP(s), you no longer need to worry about your end devices. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >From my reading of the attack it is the client side that must be fixed, you can not mitigate the client side bug by an update to the AP. > -- > Kevin Oberman, Part time kid herder and retired Network Engineer > E-mail: rkoberman@gmail.com > PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683 > _______________________________________________ > freebsd-current@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org= " >=20 --=20 Rod Grimes rgrimes@freebsd.= org