{
  "threat_severity" : "Important",
  "public_date" : "2017-10-16T00:00:00Z",
  "bugzilla" : {
    "description" : "wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it",
    "id" : "1491698",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1491698"
  },
  "cvss3" : {
    "cvss3_base_score" : "8.1",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-323",
  "details" : [ "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the Fast BSS Transition (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.", "A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could use this attack to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by reinstalling a previously used pairwise key (PTK-TK) by retransmitting Fast BSS Transition (FT) Reassociation Requests." ],
  "statement" : "This issue did not affect the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5 and 6.\nThis issue affects the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 7.",
  "acknowledgement" : "Red Hat would like to thank CERT for reporting this issue. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2017-10-17T00:00:00Z",
    "advisory" : "RHSA-2017:2907",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "wpa_supplicant-1:2.6-5.el7_4.1"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "wpa_supplicant",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "wpa_supplicant",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2017-13082\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-13082\nhttps://access.redhat.com/security/vulnerabilities/kracks\nhttps://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\nhttps://www.krackattacks.com/" ],
  "name" : "CVE-2017-13082",
  "csaw" : false
}