MGASA-2017-0379

Advisory lineage Upstream: 9 Downstream: 0

Upstream

CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082

Published: 19 Oct 2017, 18:14

Last modified:16 Apr 2026, 06:24

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

19 Oct 2017, 18:14

Published

Vulnerability first disclosed

16 Apr 2026, 06:24

Last Modified

Vulnerability information updated

Description

Updated wpa_supplicant and hostapd packages fix security vulnerabilities Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

Affected Systems

mageia•hostapd
< 2.6-1.mga5
mageia•wpa_supplicant
< 2.6-1.mga5
mageia•hostapd
< 2.6-1.1.mga6
mageia•wpa_supplicant
< 2.6-1.1.mga6

MGASA-2017-0379

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)