Detections
Analytics

openSUSE Security Update : hostapd (openSUSE-2020-222) (KRACK)

high Nessus Plugin ID 133758

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for hostapd fixes the following issues :

hostapd was updated to version 2.9 :

 - SAE changes

 - disable use of groups using Brainpool curves

 - improved protection against side channel attacks [https://w1.fi/security/2019-6/]

 - EAP-pwd changes

 - disable use of groups using Brainpool curves

 - improved protection against side channel attacks [https://w1.fi/security/2019-6/]

 - fixed FT-EAP initial mobility domain association using PMKSA caching

 - added configuration of airtime policy

 - fixed FILS to and RSNE into (Re)Association Response frames

 - fixed DPP bootstrapping URI parser of channel list

 - added support for regulatory WMM limitation (for ETSI)

 - added support for MACsec Key Agreement using IEEE 802.1X/PSK

 - added experimental support for EAP-TEAP server (RFC 7170)

 - added experimental support for EAP-TLS server with TLS v1.3

 - added support for two server certificates/keys (RSA/ECC)

 - added AKMSuiteSelector into 'STA <addr>' control interface data to determine with AKM was used for an association

 - added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and fast reauthentication use to be disabled

 - fixed an ECDH operation corner case with OpenSSL

Update to version 2.8

 - SAE changes

 - added support for SAE Password Identifier

 - changed default configuration to enable only group 19 (i.e., disable groups 20, 21, 25, 26 from default configuration) and disable all unsuitable groups completely based on REVmd changes

 - improved anti-clogging token mechanism and SAE authentication frame processing during heavy CPU load;
 this mitigates some issues with potential DoS attacks trying to flood an AP with large number of SAE messages

 - added Finite Cyclic Group field in status code 77 responses

 - reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256)

 - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494)

 - fixed confirm message validation in error cases [https://w1.fi/security/2019-3/] (CVE-2019-9496)

 - EAP-pwd changes

 - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495)

 - verify peer scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9497 and CVE-2019-9498)

 - fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/]

 - enforce rand,mask generation rules more strictly

 - fix a memory leak in PWE derivation

 - disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27)

 - Hotspot 2.0 changes

 - added support for release number 3

 - reject release 2 or newer association without PMF

 - added support for RSN operating channel validation (CONFIG_OCV=y and configuration parameter ocv=1)

 - added Multi-AP protocol support

 - added FTM responder configuration

 - fixed build with LibreSSL

 - added FT/RRB workaround for short Ethernet frame padding

 - fixed KEK2 derivation for FILS+FT

 - added RSSI-based association rejection from OCE

 - extended beacon reporting functionality

 - VLAN changes

 - allow local VLAN management with remote RADIUS authentication

 - add WPA/WPA2 passphrase/PSK -based VLAN assignment

 - OpenSSL: allow systemwide policies to be overridden

 - extended PEAP to derive EMSK to enable use with ERP/FILS

 - extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1)

 - fixed FT and SA Query Action frame with AP-MLME-in-driver cases

 - OWE: allow Diffie-Hellman Parameter element to be included with DPP in preparation for DPP protocol extension

 - RADIUS server: started to accept ERP keyName-NAI as user identity automatically without matching EAP database entry

 - fixed PTK rekeying with FILS and FT

wpa_supplicant :

 - SAE changes

 - added support for SAE Password Identifier

 - changed default configuration to enable only groups 19, 20, 21 (i.e., disable groups 25 and 26) and disable all unsuitable groups completely based on REVmd changes

 - do not regenerate PWE unnecessarily when the AP uses the anti-clogging token mechanisms

 - fixed some association cases where both SAE and FT-SAE were enabled on both the station and the selected AP

 - started to prefer FT-SAE over SAE AKM if both are enabled

 - started to prefer FT-SAE over FT-PSK if both are enabled

 - fixed FT-SAE when SAE PMKSA caching is used

 - reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256)

 - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494)

 - EAP-pwd changes

 - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495)

 - verify server scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9499)

 - fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/]

 - enforce rand,mask generation rules more strictly

 - fix a memory leak in PWE derivation

 - disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27)

 - fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y

 - Hotspot 2.0 changes

 - do not indicate release number that is higher than the one AP supports

 - added support for release number 3

 - enable PMF automatically for network profiles created from credentials

 - fixed OWE network profile saving

 - fixed DPP network profile saving

 - added support for RSN operating channel validation (CONFIG_OCV=y and network profile parameter ocv=1)

 - added Multi-AP backhaul STA support

 - fixed build with LibreSSL

 - number of MKA/MACsec fixes and extensions

 - extended domain_match and domain_suffix_match to allow list of values

 - fixed dNSName matching in domain_match and domain_suffix_match when using wolfSSL

 - started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both are enabled

 - extended nl80211 Connect and external authentication to support SAE, FT-SAE, FT-EAP-SHA384

 - fixed KEK2 derivation for FILS+FT

 - extended client_cert file to allow loading of a chain of PEM encoded certificates

 - extended beacon reporting functionality

 - extended D-Bus interface with number of new properties

 - fixed a regression in FT-over-DS with mac80211-based drivers

 - OpenSSL: allow systemwide policies to be overridden

 - extended driver flags indication for separate 802.1X and PSK 4-way handshake offload capability

 - added support for random P2P Device/Interface Address use

 - extended PEAP to derive EMSK to enable use with ERP/FILS

 - extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1)

 - removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS)

 - extended domain_match and domain_suffix_match to allow list of values

 - added a RSN workaround for misbehaving PMF APs that advertise IGTK/BIP KeyID using incorrect byte order

 - fixed PTK rekeying with FILS and FT

 - Enabled CLI editing and history support.

Update to version 2.7

 - fixed WPA packet number reuse with replayed messages and key reinstallation [http://w1.fi/security/2017-1/] (CVE-2017-13082) (boo#1056061)

 - added support for FILS (IEEE 802.11ai) shared key authentication

 - added support for OWE (Opportunistic Wireless Encryption, RFC 8110; and transition mode defined by WFA)

 - added support for DPP (Wi-Fi Device Provisioning Protocol)

 - FT :

 - added local generation of PMK-R0/PMK-R1 for FT-PSK (ft_psk_generate_local=1)

 - replaced inter-AP protocol with a cleaner design that is more easily extensible; this breaks backward compatibility and requires all APs in the ESS to be updated at the same time to maintain FT functionality

 - added support for wildcard R0KH/R1KH

 - replaced r0_key_lifetime (minutes) parameter with ft_r0_key_lifetime (seconds)

 - fixed wpa_psk_file use for FT-PSK

 - fixed FT-SAE PMKID matching

 - added expiration to PMK-R0 and PMK-R1 cache

 - added IEEE VLAN support (including tagged VLANs)

 - added support for SHA384 based AKM

 - SAE

 - fixed some PMKSA caching cases with SAE

 - added support for configuring SAE password separately of the WPA2 PSK/passphrase

 - added option to require MFP for SAE associations (sae_require_pmf=1)

 - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection for SAE; note: this is not backwards compatible, i.e., both the AP and station side implementations will need to be update at the same time to maintain interoperability

 - added support for Password Identifier

 - hostapd_cli: added support for command history and completion

 - added support for requesting beacon report

 - large number of other fixes, cleanup, and extensions

 - added option to configure EAPOL-Key retry limits (wpa_group_update_count and wpa_pairwise_update_count)

 - removed all PeerKey functionality

 - fixed nl80211 AP mode configuration regression with Linux 4.15 and newer

 - added support for using wolfSSL cryptographic library

 - fixed some 20/40 MHz coexistence cases where the BSS could drop to 20 MHz even when 40 MHz would be allowed

 - Hotspot 2.0

 - added support for setting Venue URL ANQP-element (venue_url)

 - added support for advertising Hotspot 2.0 operator icons

 - added support for Roaming Consortium Selection element

 - added support for Terms and Conditions

 - added support for OSEN connection in a shared RSN BSS

 - added support for using OpenSSL 1.1.1

 - added EAP-pwd server support for salted passwords

Solution

Update the affected hostapd packages.

See Also

http://w1.fi/security/2017-1/]

https://bugzilla.opensuse.org/show_bug.cgi?id=1056061

https://w1.fi/security/2019-1/]

https://w1.fi/security/2019-2/]

https://w1.fi/security/2019-3/]

https://w1.fi/security/2019-4/]

https://w1.fi/security/2019-5/]

https://w1.fi/security/2019-6/]

Plugin Details

Severity: High

ID: 133758

File Name: openSUSE-2020-222.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2/18/2020

Updated: 3/27/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2019-9499

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:hostapd, p-cpe:/a:novell:opensuse:hostapd-debuginfo, p-cpe:/a:novell:opensuse:hostapd-debugsource, cpe:/o:novell:opensuse:15.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/15/2020

Vulnerability Publication Date: 10/17/2017

Reference Information

CVE: CVE-2017-13082, CVE-2019-9494, CVE-2019-9495, CVE-2019-9496, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499