openSUSE Security Update : wpa_supplicant (openSUSE-2020-2053) (KRACK)

high Nessus Plugin ID 143321

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for wpa_supplicant fixes the following issues:

Security issue fixed:

- CVE-2019-16275: Fixed an AP mode PMF disconnection protection bypass (bsc#1150934).

Non-security issues fixed:

- Enable SAE support (jsc#SLE-14992).

- Limit P2P_DEVICE name to appropriate ifname size.

- Fix wicked wlan (bsc#1156920)

- Restore fi.epitest.hostap.WPASupplicant.service (bsc#1167331)

- With v2.9 fi.epitest.hostap.WPASupplicant.service is obsolete (bsc#1167331)

- Fix WLAN config on boot with wicked. (bsc#1166933)

- Update to 2.9 release:

- SAE changes

- disable use of groups using Brainpool curves

- improved protection against side channel attacks [https://w1.fi/security/2019-6/]

- EAP-pwd changes

- disable use of groups using Brainpool curves

- allow the set of groups to be configured (eap_pwd_groups)

- improved protection against side channel attacks [https://w1.fi/security/2019-6/]

- fixed FT-EAP initial mobility domain association using PMKSA caching (disabled by default for backwards compatibility; can be enabled with ft_eap_pmksa_caching=1)

- fixed a regression in OpenSSL 1.1+ engine loading

- added validation of RSNE in (Re)Association Response frames

- fixed DPP bootstrapping URI parser of channel list

- extended EAP-SIM/AKA fast re-authentication to allow use with FILS

- extended ca_cert_blob to support PEM format

- improved robustness of P2P Action frame scheduling

- added support for EAP-SIM/AKA using anonymous@realm identity

- fixed Hotspot 2.0 credential selection based on roaming consortium to ignore credentials without a specific EAP method

- added experimental support for EAP-TEAP peer (RFC 7170)

- added experimental support for EAP-TLS peer with TLS v1.3

- fixed a regression in WMM parameter configuration for a TDLS peer

- fixed a regression in operation with drivers that offload 802.1X 4-way handshake

- fixed an ECDH operation corner case with OpenSSL

- SAE changes

- added support for SAE Password Identifier

- changed default configuration to enable only groups 19, 20, 21 (i.e., disable groups 25 and 26) and disable all unsuitable groups completely based on REVmd changes

- do not regenerate PWE unnecessarily when the AP uses the anti-clogging token mechanisms

- fixed some association cases where both SAE and FT-SAE were enabled on both the station and the selected AP

- started to prefer FT-SAE over SAE AKM if both are enabled

- started to prefer FT-SAE over FT-PSK if both are enabled

- fixed FT-SAE when SAE PMKSA caching is used

- reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256)

- minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494, bsc#1131868)

- EAP-pwd changes

- minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495, bsc#1131870)

- verify server scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9497, CVE-2019-9498, CVE-2019-9499, bsc#1131874, bsc#1131872, bsc#1131871, bsc#1131644)

- fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/] (CVE-2019-11555, bsc#1133640)

- enforce rand,mask generation rules more strictly

- fix a memory leak in PWE derivation

- disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27)

- SAE/EAP-pwd side-channel attack update [https://w1.fi/security/2019-6/] (CVE-2019-13377, bsc#1144443)

- fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y

- Hotspot 2.0 changes

- do not indicate release number that is higher than the one AP supports

- added support for release number 3

- enable PMF automatically for network profiles created from credentials

- fixed OWE network profile saving

- fixed DPP network profile saving

- added support for RSN operating channel validation (CONFIG_OCV=y and network profile parameter ocv=1)

- added Multi-AP backhaul STA support

- fixed build with LibreSSL

- number of MKA/MACsec fixes and extensions

- extended domain_match and domain_suffix_match to allow list of values

- fixed dNSName matching in domain_match and domain_suffix_match when using wolfSSL

- started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both are enabled

- extended nl80211 Connect and external authentication to support SAE, FT-SAE, FT-EAP-SHA384

- fixed KEK2 derivation for FILS+FT

- extended client_cert file to allow loading of a chain of PEM encoded certificates

- extended beacon reporting functionality

- extended D-Bus interface with number of new properties

- fixed a regression in FT-over-DS with mac80211-based drivers

- OpenSSL: allow systemwide policies to be overridden

- extended driver flags indication for separate 802.1X and PSK 4-way handshake offload capability

- added support for random P2P Device/Interface Address use

- extended PEAP to derive EMSK to enable use with ERP/FILS

- extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1)

- removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS)

- added a RSN workaround for misbehaving PMF APs that advertise IGTK/BIP KeyID using incorrect byte order

- fixed PTK rekeying with FILS and FT

- fixed WPA packet number reuse with replayed messages and key reinstallation [https://w1.fi/security/2017-1/] (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

- fixed unauthenticated EAPOL-Key decryption in wpa_supplicant [https://w1.fi/security/2018-1/] (CVE-2018-14526)

- added support for FILS (IEEE 802.11ai) shared key authentication

- added support for OWE (Opportunistic Wireless Encryption, RFC 8110; and transition mode defined by WFA)

- added support for DPP (Wi-Fi Device Provisioning Protocol)

- added support for RSA 3k key case with Suite B 192-bit level

- fixed Suite B PMKSA caching not to update PMKID during each 4-way handshake

- fixed EAP-pwd pre-processing with PasswordHashHash

- added EAP-pwd client support for salted passwords

- fixed a regression in TDLS prohibited bit validation

- started to use estimated throughput to avoid undesired signal strength based roaming decision

- MACsec/MKA:

- new macsec_linux driver interface support for the Linux kernel macsec module

- number of fixes and extensions

- added support for external persistent storage of PMKSA cache (PMKSA_GET/PMKSA_ADD control interface commands; and MESH_PMKSA_GET/MESH_PMKSA_SET for the mesh case)

- fixed mesh channel configuration pri/sec switch case

- added support for beacon report

- large number of other fixes, cleanup, and extensions

- added support for randomizing local address for GAS queries (gas_rand_mac_addr parameter)

- fixed EAP-SIM/AKA/AKA' ext auth cases within TLS tunnel

- added option for using random WPS UUID (auto_uuid=1)

- added SHA256-hash support for OCSP certificate matching

- fixed EAP-AKA' to add AT_KDF into Synchronization-Failure

- fixed a regression in RSN pre-authentication candidate selection

- added option to configure allowed group management cipher suites (group_mgmt network profile parameter)

- removed all PeerKey functionality

- fixed nl80211 AP and mesh mode configuration regression with Linux 4.15 and newer

- added ap_isolate configuration option for AP mode

- added support for nl80211 to offload 4-way handshake into the driver

- added support for using wolfSSL cryptographic library

- SAE

- added support for configuring SAE password separately of the WPA2 PSK/passphrase

- fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection for SAE; note: this is not backwards compatible, i.e., both the AP and station side implementations will need to be updated at the same time to maintain interoperability

- added support for Password Identifier

- fixed FT-SAE PMKID matching

- Hotspot 2.0

- added support for fetching of Operator Icon Metadata ANQP-element

- added support for Roaming Consortium Selection element

- added support for Terms and Conditions

- added support for OSEN connection in a shared RSN BSS

- added support for fetching Venue URL information

- added support for using OpenSSL 1.1.1

- FT

- disabled PMKSA caching with FT since it is not fully functional

- added support for SHA384 based AKM

- added support for BIP ciphers BIP-CMAC-256, BIP-GMAC-128, BIP-GMAC-256 in addition to previously supported BIP-CMAC-128

- fixed additional IE inclusion in Reassociation Request frame when using FT protocol

- Changed service-files for start after network (systemd-networkd).

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected wpa_supplicant packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1131644

https://bugzilla.opensuse.org/show_bug.cgi?id=1131868

https://bugzilla.opensuse.org/show_bug.cgi?id=1131870

https://bugzilla.opensuse.org/show_bug.cgi?id=1131871

https://bugzilla.opensuse.org/show_bug.cgi?id=1131872

https://bugzilla.opensuse.org/show_bug.cgi?id=1131874

https://bugzilla.opensuse.org/show_bug.cgi?id=1133640

https://bugzilla.opensuse.org/show_bug.cgi?id=1144443

https://bugzilla.opensuse.org/show_bug.cgi?id=1150934

https://bugzilla.opensuse.org/show_bug.cgi?id=1156920

https://bugzilla.opensuse.org/show_bug.cgi?id=1166933

https://bugzilla.opensuse.org/show_bug.cgi?id=1167331

https://bugzilla.opensuse.org/show_bug.cgi?id=930077

https://bugzilla.opensuse.org/show_bug.cgi?id=930078

https://bugzilla.opensuse.org/show_bug.cgi?id=930079

https://w1.fi/security/2017-1/

https://w1.fi/security/2018-1/

https://w1.fi/security/2019-1/

https://w1.fi/security/2019-2/

https://w1.fi/security/2019-4/

https://w1.fi/security/2019-5/

https://w1.fi/security/2019-6/

Plugin Details

Severity: High

ID: 143321

File Name: openSUSE-2020-2053.nasl

Version: 1.2

Type: local

Agent: unix

Published: 11/30/2020

Updated: 12/2/2020

Dependencies: ssh_get_info.nasl

Risk Information

CVSS Score Source: CVE-2019-9499

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:wpa_supplicant, p-cpe:/a:novell:opensuse:wpa_supplicant-debuginfo, p-cpe:/a:novell:opensuse:wpa_supplicant-debugsource, p-cpe:/a:novell:opensuse:wpa_supplicant-gui, p-cpe:/a:novell:opensuse:wpa_supplicant-gui-debuginfo, cpe:/o:novell:opensuse:15.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 11/26/2020

Vulnerability Publication Date: 6/15/2015

Reference Information

CVE: CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-8041, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088, CVE-2018-14526, CVE-2019-11555, CVE-2019-13377, CVE-2019-16275, CVE-2019-9494, CVE-2019-9495, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499