CVS commit: src/external/bsd/wpa/dist/src/eap_server

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/external/bsd/wpa/dist/src/eap_server
From: "Christos Zoulas" <christos%netbsd.org@localhost>
Date: Wed, 10 Apr 2019 13:49:26 -0400

Module Name:    src
Committed By:   christos
Date:           Wed Apr 10 17:49:26 UTC 2019

Modified Files:
        src/external/bsd/wpa/dist/src/eap_server: eap_server_pwd.c

Log Message:
When processing an EAP-pwd Commit frame, verify that the peer's scalar
and elliptic curve element differ from the one sent by the server. This
prevents reflection attacks where the adversary reflects the scalar and
element sent by the server. (CVE-2019-9497)

The vulnerability allows an adversary to complete the EAP-pwd handshake
as any user. However, the adversary does not learn the negotiated
session key, meaning the subsequent 4-way handshake would fail. As a
result, this cannot be abused to bypass authentication unless EAP-pwd is
used in non-WLAN cases without any following key exchange that would
require the attacker to learn the MSK.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 \
    src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/external/bsd/wpa/dist/src
Next by Date: CVS commit: src/external/bsd/wpa/dist/src/eap_peer
Previous by Thread: CVS commit: src/external/bsd/wpa/dist/src
Next by Thread: CVS commit: src/external/bsd/wpa/dist/src/eap_peer
Indexes:

Home | Main Index | Thread Index | Old Index