Table of Contents
This issue did not affect the versions of wpa_supplicant as shipped with Red Hat Enterprise Linux 5, 6, and 7, as wpa_supplicant's implementation of the PeerKey handshake mechanism is incomplete and does not allow the installation of a key into the driver.
CVSS v3 metrics
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
|CVSS3 Base Score||8.1|
|CVSS3 Base Metrics||CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N|
|Attack Vector||Adjacent Network|
Affected Packages State
|Red Hat Enterprise Linux 7||wpa_supplicant||Not affected|
|Red Hat Enterprise Linux 6||wpa_supplicant||Not affected|
|Red Hat Enterprise Linux 5||wpa_supplicant||Not affected|
AcknowledgementsRed Hat would like to thank CERT for reporting this issue. Upstream acknowledges Mathy Vanhoef (University of Leuven) as the original reporter.
CVE description copyright © 2017, The MITRE Corporation