According to this article a severe flaw in wpa2 protocol has been published making many systems using WiFi vulnerable to an attack. Should I be worried and has a patch been issued for Ubuntu?
Asked
Active
Viewed 8,623 times
1 Answers
28
A fix has been issued as per USN-3455-1 . You should update your system with sudo apt-get update && sudo apt-get upgrade. The relevant versions for currently supported releases:
- Ubuntu 17.04:
hostapd 2.4-0ubuntu9.1
wpasupplicant 2.4-0ubuntu9.1 - Ubuntu 16.04 LTS:
hostapd 2.4-0ubuntu6.2
wpasupplicant 2.4-0ubuntu6.2 - Ubuntu 14.04 LTS:
hostapd 2.1-0ubuntu1.5
wpasupplicant 2.1-0ubuntu1.5
You should see an update of wpasupplicant during the update. More information about the attack is available on the GitHub page.
-
1My Ubuntu 14.4 LTS does not show the minor version: `leder@gisela-E7220:~$ dpkg -l wpasupplicant ... ii wpasupplicant 2.1-0ubuntu1 amd64 client support for WPA and WPA2 ( ` – Leder Oct 18 '17 at 09:40
-
@Leder Mine shows `2.1-0ubuntu1.5`, so it seems you're missing the update. – wjandrea Oct 18 '17 at 17:12
-
1How can I check if update is already installed? – abg Oct 20 '17 at 10:04
-
9Run `sudo apt-get changelog wpasupplicant`. You should see something like `SECURITY UPDATE: Multiple issues in WPA protocol` `- debian/patches/2017-1/*.patch: Add patches from Debian stretch - CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088` – amanusk Oct 20 '17 at 10:12