openSUSE Security Update : hostapd (openSUSE-2020-222) (KRACK)

high Nessus Plugin ID 133758

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for hostapd fixes the following issues :

hostapd was updated to version 2.9 :

- SAE changes

- disable use of groups using Brainpool curves

- improved protection against side channel attacks [https://w1.fi/security/2019-6/]

- EAP-pwd changes

- disable use of groups using Brainpool curves

- improved protection against side channel attacks [https://w1.fi/security/2019-6/]

- fixed FT-EAP initial mobility domain association using PMKSA caching

- added configuration of airtime policy

- fixed FILS to add RSNE into (Re)Association Response frames

- fixed DPP bootstrapping URI parser of channel list

- added support for regulatory WMM limitation (for ETSI)

- added support for MACsec Key Agreement using IEEE 802.1X/PSK

- added experimental support for EAP-TEAP server (RFC 7170)

- added experimental support for EAP-TLS server with TLS v1.3

- added support for two server certificates/keys (RSA/ECC)

- added AKMSuiteSelector into 'STA <addr>' control interface data to determine which AKM was used for an association

- added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and fast reauthentication use to be disabled

- fixed an ECDH operation corner case with OpenSSL

Update to version 2.8

- SAE changes

- added support for SAE Password Identifier

- changed default configuration to enable only group 19 (i.e., disable groups 20, 21, 25, 26 from default configuration) and disable all unsuitable groups completely based on REVmd changes

- improved anti-clogging token mechanism and SAE authentication frame processing during heavy CPU load; this mitigates some issues with potential DoS attacks trying to flood an AP with large number of SAE messages

- added Finite Cyclic Group field in status code 77 responses

- reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256)

- minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494)

- fixed confirm message validation in error cases [https://w1.fi/security/2019-3/] (CVE-2019-9496)

- EAP-pwd changes

- minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495)

- verify peer scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9497 and CVE-2019-9498)

- fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/]

- enforce rand,mask generation rules more strictly

- fix a memory leak in PWE derivation

- disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27)

- Hotspot 2.0 changes

- added support for release number 3

- reject release 2 or newer association without PMF

- added support for RSN operating channel validation (CONFIG_OCV=y and configuration parameter ocv=1)

- added Multi-AP protocol support

- added FTM responder configuration

- fixed build with LibreSSL

- added FT/RRB workaround for short Ethernet frame padding

- fixed KEK2 derivation for FILS+FT

- added RSSI-based association rejection from OCE

- extended beacon reporting functionality

- VLAN changes

- allow local VLAN management with remote RADIUS authentication

- add WPA/WPA2 passphrase/PSK -based VLAN assignment

- OpenSSL: allow systemwide policies to be overridden

- extended PEAP to derive EMSK to enable use with ERP/FILS

- extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1)

- fixed FT and SA Query Action frame with AP-MLME-in-driver cases

- OWE: allow Diffie-Hellman Parameter element to be included with DPP in preparation for DPP protocol extension

- RADIUS server: started to accept ERP keyName-NAI as user identity automatically without matching EAP database entry

- fixed PTK rekeying with FILS and FT

wpa_supplicant :

- SAE changes

- added support for SAE Password Identifier

- changed default configuration to enable only groups 19, 20, 21 (i.e., disable groups 25 and 26) and disable all unsuitable groups completely based on REVmd changes

- do not regenerate PWE unnecessarily when the AP uses the anti-clogging token mechanisms

- fixed some association cases where both SAE and FT-SAE were enabled on both the station and the selected AP

- started to prefer FT-SAE over SAE AKM if both are enabled

- started to prefer FT-SAE over FT-PSK if both are enabled

- fixed FT-SAE when SAE PMKSA caching is used

- reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256)

- minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/] (CVE-2019-9494)

- EAP-pwd changes

- minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/] (CVE-2019-9495)

- verify server scalar/element [https://w1.fi/security/2019-4/] (CVE-2019-9499)

- fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/]

- enforce rand,mask generation rules more strictly

- fix a memory leak in PWE derivation

- disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27)

- fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y

- Hotspot 2.0 changes

- do not indicate release number that is higher than the one AP supports

- added support for release number 3

- enable PMF automatically for network profiles created from credentials

- fixed OWE network profile saving

- fixed DPP network profile saving

- added support for RSN operating channel validation (CONFIG_OCV=y and network profile parameter ocv=1)

- added Multi-AP backhaul STA support

- fixed build with LibreSSL

- number of MKA/MACsec fixes and extensions

- extended domain_match and domain_suffix_match to allow list of values

- fixed dNSName matching in domain_match and domain_suffix_match when using wolfSSL

- started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both are enabled

- extended nl80211 Connect and external authentication to support SAE, FT-SAE, FT-EAP-SHA384

- fixed KEK2 derivation for FILS+FT

- extended client_cert file to allow loading of a chain of PEM encoded certificates

- extended beacon reporting functionality

- extended D-Bus interface with number of new properties

- fixed a regression in FT-over-DS with mac80211-based drivers

- OpenSSL: allow systemwide policies to be overridden

- extended driver flags indication for separate 802.1X and PSK 4-way handshake offload capability

- added support for random P2P Device/Interface Address use

- extended PEAP to derive EMSK to enable use with ERP/FILS

- extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1)

- removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS)

- extended domain_match and domain_suffix_match to allow list of values

- added a RSN workaround for misbehaving PMF APs that advertise IGTK/BIP KeyID using incorrect byte order

- fixed PTK rekeying with FILS and FT

- Enabled CLI editing and history support.

Update to version 2.7

- fixed WPA packet number reuse with replayed messages and key reinstallation [http://w1.fi/security/2017-1/] (CVE-2017-13082) (boo#1056061)

- added support for FILS (IEEE 802.11ai) shared key authentication

- added support for OWE (Opportunistic Wireless Encryption, RFC 8110; and transition mode defined by WFA)

- added support for DPP (Wi-Fi Device Provisioning Protocol)

- FT :

- added local generation of PMK-R0/PMK-R1 for FT-PSK (ft_psk_generate_local=1)

- replaced inter-AP protocol with a cleaner design that is more easily extensible; this breaks backward compatibility and requires all APs in the ESS to be updated at the same time to maintain FT functionality

- added support for wildcard R0KH/R1KH

- replaced r0_key_lifetime (minutes) parameter with ft_r0_key_lifetime (seconds)

- fixed wpa_psk_file use for FT-PSK

- fixed FT-SAE PMKID matching

- added expiration to PMK-R0 and PMK-R1 cache

- added IEEE VLAN support (including tagged VLANs)

- added support for SHA384 based AKM

- SAE

- fixed some PMKSA caching cases with SAE

- added support for configuring SAE password separately of the WPA2 PSK/passphrase

- added option to require MFP for SAE associations (sae_require_pmf=1)

- fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection for SAE; note: this is not backwards compatible, i.e., both the AP and station side implementations will need to be updated at the same time to maintain interoperability

- added support for Password Identifier

- hostapd_cli: added support for command history and completion

- added support for requesting beacon report

- large number of other fixes, cleanup, and extensions

- added option to configure EAPOL-Key retry limits (wpa_group_update_count and wpa_pairwise_update_count)

- removed all PeerKey functionality

- fixed nl80211 AP mode configuration regression with Linux 4.15 and newer

- added support for using wolfSSL cryptographic library

- fixed some 20/40 MHz coexistence cases where the BSS could drop to 20 MHz even when 40 MHz would be allowed

- Hotspot 2.0

- added support for setting Venue URL ANQP-element (venue_url)

- added support for advertising Hotspot 2.0 operator icons

- added support for Roaming Consortium Selection element

- added support for Terms and Conditions

- added support for OSEN connection in a shared RSN BSS

- added support for using OpenSSL 1.1.1

- added EAP-pwd server support for salted passwords

Solution

Update the affected hostapd packages.

See Also

http://w1.fi/security/2017-1/

https://bugzilla.opensuse.org/show_bug.cgi?id=1056061

https://w1.fi/security/2019-1/

https://w1.fi/security/2019-2/

https://w1.fi/security/2019-3/

https://w1.fi/security/2019-4/

https://w1.fi/security/2019-5/

https://w1.fi/security/2019-6/

Plugin Details

Severity: High

ID: 133758

File Name: openSUSE-2020-222.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2/18/2020

Updated: 3/27/2024

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2019-9499

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.3

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:hostapd, p-cpe:/a:novell:opensuse:hostapd-debugsource, cpe:/o:novell:opensuse:15.1, p-cpe:/a:novell:opensuse:hostapd-debuginfo

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/15/2020

Vulnerability Publication Date: 10/17/2017

Reference Information

CVE: CVE-2017-13082, CVE-2019-9494, CVE-2019-9495, CVE-2019-9496, CVE-2019-9497, CVE-2019-9498, CVE-2019-9499