Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : linux-firmware vulnerabilities (USN-3505-1) (KRACK)
Low Nessus Plugin ID 105038
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionMathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-2017-13080, CVE-2017-13081).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected linux-firmware package.