CVE-2017-13079

Use of Insufficiently Random Values

Published: Oct 17, 2017 | Modified: Oct 03, 2019
CVSS 3.x: 5.3 MEDIUM
Source: NVD
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS 2.x: 2.9 LOW
Vector: AV:A/AC:M/Au:N/C:N/I:P/A:N

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Weakness

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Affected Software

Name                      Vendor     Start Version  End Version
Debian_linux              Debian     8.0            8.0
Freebsd                   Freebsd    *              *
Ubuntu_linux              Canonical  16.04          16.04
Ubuntu_linux              Canonical  14.04          14.04
Ubuntu_linux              Canonical  17.04          17.04
Debian_linux              Debian     9.0            9.0
Leap                      Opensuse   42.3           42.3
Leap                      Opensuse   42.2           42.2
Enterprise_linux_server   Redhat     7              7
Enterprise_linux_desktop  Redhat     7              7
Freebsd                   Freebsd    11             11
Freebsd                   Freebsd    11.1           11.1
Freebsd                   Freebsd    10             10
Freebsd                   Freebsd    10.4           10.4

Potential Mitigations

  • Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
  • In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
  • Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a “random enough” number.
