18 Oct

WPA vulnerability (KRACK Attack) fixed

Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-2017-13077CVE-2017-13078CVE-2017-13079CVE-2017-13080CVE-2017-13081   CVE-2017-13082CVE-2017-13086CVE-2017-13087CVE-2017-13088)

Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled  invalid characters in passphrase parameters. A remote attacker could use this issue to cause a denial of service. (CVE-2016-4476).

Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled invalid characters in passphrase parameters. A local attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2016-4477).

The problem can be corrected by updating your system. More info here: https://usn.ubuntu.com/usn/usn-3455-1/ and at https://www.krackattacks.com/