d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0ec68024a0
freebsd-dev/contrib
History
Cy Schubert 0ec68024a0 MFV r337818: 
WPA: Ignore unauthenticated encrypted EAPOL-Key data

Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.

When using WPA2, EAPOL-Key frames that had the Encrypted flag set but
not the MIC flag, had their data field decrypted without first verifying
the MIC. In case the data field was encrypted using RC4 (i.e., when
negotiating TKIP as the pairwise cipher), this meant that
unauthenticated but decrypted data would then be processed. An adversary
could abuse this as a decryption oracle to recover sensitive information
in the data field of EAPOL-Key messages (e.g., the group key).
(CVE-2018-14526)

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>

Obtained from:  git://w1.fi/hostap.git
MFC after:      1 day
Security:       CVE-2018-14526
Security:       VuXML: 6bedc863-9fbe-11e8-945f-206a8a720317
2018-08-14 20:24:10 +00:00
..
amd Fix amq -i timestamp segmentation violation. 2018-06-19 01:33:03 +00:00
apr
apr-util
atf atf-sh(3): document atf_init_test_cases(3) fully 2017-06-30 05:49:12 +00:00
binutils Add deprecation notice to objdump man page 2018-06-15 17:03:49 +00:00
blacklist Revert 335888 ("Ensure va_list is declared by including stdarg.h.") 2018-07-03 15:48:34 +00:00
bmake Merge bmake-20180512 2018-05-19 00:26:00 +00:00
bsnmp Update bsnmp to version 1.13. This does not bring user-visible changes. 2018-07-03 08:44:40 +00:00
byacc MFV: r319352 2017-05-31 19:37:23 +00:00
bzip2
com_err
compiler-rt Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to 2018-06-29 17:51:35 +00:00
cortex-strings Work around a bug in QEMU when loading data with a load pair instruction 2017-08-26 15:08:27 +00:00
dialog
diff
dma Convert cap_enter() < 0 && errno != ENOSYS to caph_enter() < 0. 2018-06-19 23:43:14 +00:00
dtc
ee
elftoolchain readelf: display NT_GNU_PROPERTY_TYPE_0 note name 2018-08-10 10:37:25 +00:00
expat
file file: update to 5.34 2018-08-08 01:33:36 +00:00
flex Terminate filter_create_ext() args with NULL, not 0. 2018-08-08 22:45:30 +00:00
gcc Fix GCC 4.2.1 to honor --sysroot for includes. 2018-06-27 18:14:33 +00:00
gcclibs
gdb Commit forgotten change in gdb allowing to use libedit 2018-02-06 12:17:03 +00:00
gdtoa
gperf
hyperv/tools hyperv: Add VF bringup scripts and devd rules. 2017-07-31 07:18:15 +00:00
ipfilter loadpoolfile() implements a -R (NORESOLVE) option which is not listed 2017-08-05 06:46:06 +00:00
jemalloc Update jemalloc to version 5.1.0. 2018-05-11 00:32:31 +00:00
ldns Upgrade LDNS to 1.7.0. 2018-05-12 12:00:18 +00:00
ldns-host
less MFV r329552: less v530. 2018-02-19 05:10:22 +00:00
libarchive MFV r337744: 2018-08-14 11:42:32 +00:00
libbegemot Update bsnmp to version 1.13. This does not bring user-visible changes. 2018-07-03 08:44:40 +00:00
libc-pwcache
libc-vis Update vis(3) the latest from NetBSD. 2017-11-28 01:35:28 +00:00
libc++ Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to 2018-06-29 17:51:35 +00:00
libcxxrt
libdivsufsort
libexecinfo
libgnuregex
libpcap Re-apply r190640. 2018-05-31 09:11:21 +00:00
libstdc++ libstdc++: fix symbol version script for LLD 2017-04-19 19:06:47 +00:00
libucl
libxo Import libxo-0.9.0: 2018-05-23 01:20:31 +00:00
llvm Pull in r338481 from upstream llvm trunk (by Chandler Carruth): 2018-08-11 10:42:12 +00:00
lua MFV r337586: lua: Update to 5.3.5 2018-08-14 18:58:01 +00:00
mdocml MFH @ r337607, in preparation for boarding 2018-08-11 04:26:29 +00:00
mknod
mtree
ncurses
netbsd-tests Increase timeout for timedmutex_test:mutex2, timedmutex_test:mutex3 2018-08-06 15:55:58 +00:00
netcat
ngatm
ntp Make it possible to run ntpd as a non-root user, add ntpd uid and gid. 2018-07-19 23:55:29 +00:00
nvi
ofed Add udma_barrier definitions for RISC-V 2018-07-22 22:35:17 +00:00
one-true-awk Don't display empty error context. 2017-09-24 05:04:06 +00:00
openbsm auditd(8): Log a better error when no hostname is set in audit_control 2018-07-22 18:06:42 +00:00
opencsd/decoder Import OpenCSD -- an ARM CoreSight(tm) Trace Decode Library. 2018-04-04 12:55:31 +00:00
openpam Upgrade to OpenPAM Resedacea. 2017-05-05 13:31:25 +00:00
openresolv
opie Revert r328492: 2018-01-28 03:16:54 +00:00
pam_modules/pam_passwdqc
pf Fix escaping, otherwise Dx gets translated as the macro for DragonFly. 2018-08-11 00:08:59 +00:00
pjdfstest Pull down pjdfstest 0.1 2017-06-28 09:22:45 +00:00
pnpinfo
processor-trace Import Intel Processor Trace decoder library from 2018-03-19 18:59:15 +00:00
sendmail Don't declare union semun in userspace unless _WANT_SEMUN is defined. 2018-03-02 22:32:53 +00:00
serf
smbfs Fix a stack overflow in mount_smbfs when hostname is too long. 2018-06-25 16:42:49 +00:00
sqlite3 Update private sqlite from sqlite3-3.20.0 to sqlite3-3.23.1 2018-05-08 04:51:15 +00:00
subversion Update svn-1.9.7 to 1.10.0. 2018-05-08 04:52:52 +00:00
tcp_wrappers remove bogus declaration of malloc from tcp_wrappers 2017-06-20 16:40:31 +00:00
tcpdump MFV r333668: 2018-05-29 10:29:04 +00:00
tcsh
telnet telnetd(8): Fix dereference of uninitialized value 'IF' 2018-03-16 20:59:56 +00:00
tnftp Switch the default pager for most commands to less 2018-08-08 19:24:20 +00:00
traceroute When using SCTP for sending probe packets, use INIT chunks for payloads 2018-01-27 19:23:42 +00:00
tzcode
tzdata Import tzdata 2018e 2018-05-04 10:17:27 +00:00
unbound Rename all Unbound binaries and man pages from unbound* to local-unbound*. 2018-05-12 17:10:36 +00:00
unvis
vis
wpa MFV r337818: 2018-08-14 20:24:10 +00:00
xz MFV r333779: xz 5.2.4. 2018-05-18 06:10:16 +00:00
zlib MFV: r323381 2017-09-10 01:25:15 +00:00