IronMonkey Threat Research

CVE-2017-13082 HIGH

Published: 2017-10-17 | Last Modified: 2026-06-17 | Status: Modified

Description

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transition (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Additional Descriptions (1)

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the PTK (Pairwise Transient Key) temporal key during the fast BSS transition (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

CVSS Metrics

Base Score: 5.8 (MEDIUM)

AV:A/AC:L/Au:N/C:P/I:P/A:P

Access Vector: ADJACENT_NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 6.5

Impact Score: 6.4

Weaknesses

Source Type Description
[email protected] Secondary CWE-323 (en)
[email protected] Primary CWE-330 (en)

Affected Products

Vendor Product Version Update Type
canonical ubuntu_linux 14.04 * Operating System
canonical ubuntu_linux 16.04 * Operating System
canonical ubuntu_linux 17.04 * Operating System
debian debian_linux 8.0 * Operating System
debian debian_linux 9.0 * Operating System
freebsd freebsd * * Operating System
freebsd freebsd 10 * Operating System
freebsd freebsd 10.4 * Operating System
freebsd freebsd 11 * Operating System
freebsd freebsd 11.1 * Operating System
opensuse leap 42.2 * Operating System
opensuse leap 42.3 * Operating System
redhat enterprise_linux_desktop 7 * Operating System
redhat enterprise_linux_server 7 * Operating System
w1.fi hostapd 0.2.4 * Application
w1.fi hostapd 0.2.5 * Application
w1.fi hostapd 0.2.6 * Application
w1.fi hostapd 0.2.8 * Application
w1.fi hostapd 0.3.7 * Application
w1.fi hostapd 0.3.9 * Application
w1.fi hostapd 0.3.10 * Application
w1.fi hostapd 0.3.11 * Application
w1.fi hostapd 0.4.7 * Application
w1.fi hostapd 0.4.8 * Application
w1.fi hostapd 0.4.9 * Application
w1.fi hostapd 0.4.10 * Application
w1.fi hostapd 0.4.11 * Application
w1.fi hostapd 0.5.7 * Application
w1.fi hostapd 0.5.8 * Application
w1.fi hostapd 0.5.9 * Application
w1.fi hostapd 0.5.10 * Application
w1.fi hostapd 0.5.11 * Application
w1.fi hostapd 0.6.8 * Application
w1.fi hostapd 0.6.9 * Application
w1.fi hostapd 0.6.10 * Application
w1.fi hostapd 0.7.3 * Application
w1.fi hostapd 1.0 * Application
w1.fi hostapd 1.1 * Application
w1.fi hostapd 2.0 * Application
w1.fi hostapd 2.1 * Application
w1.fi hostapd 2.2 * Application
w1.fi hostapd 2.3 * Application
w1.fi hostapd 2.4 * Application
w1.fi hostapd 2.5 * Application
w1.fi hostapd 2.6 * Application
w1.fi wpa_supplicant 0.2.4 * Application
w1.fi wpa_supplicant 0.2.5 * Application
w1.fi wpa_supplicant 0.2.6 * Application
w1.fi wpa_supplicant 0.2.7 * Application
w1.fi wpa_supplicant 0.2.8 * Application
w1.fi wpa_supplicant 0.3.7 * Application
w1.fi wpa_supplicant 0.3.8 * Application
w1.fi wpa_supplicant 0.3.9 * Application
w1.fi wpa_supplicant 0.3.10 * Application
w1.fi wpa_supplicant 0.3.11 * Application
w1.fi wpa_supplicant 0.4.7 * Application
w1.fi wpa_supplicant 0.4.8 * Application
w1.fi wpa_supplicant 0.4.9 * Application
w1.fi wpa_supplicant 0.4.10 * Application
w1.fi wpa_supplicant 0.4.11 * Application
w1.fi wpa_supplicant 0.5.7 * Application
w1.fi wpa_supplicant 0.5.8 * Application
w1.fi wpa_supplicant 0.5.9 * Application
w1.fi wpa_supplicant 0.5.10 * Application
w1.fi wpa_supplicant 0.5.11 * Application
w1.fi wpa_supplicant 0.6.8 * Application
w1.fi wpa_supplicant 0.6.9 * Application
w1.fi wpa_supplicant 0.6.10 * Application
w1.fi wpa_supplicant 0.7.3 * Application
w1.fi wpa_supplicant 1.0 * Application
w1.fi wpa_supplicant 1.1 * Application
w1.fi wpa_supplicant 2.0 * Application
w1.fi wpa_supplicant 2.1 * Application
w1.fi wpa_supplicant 2.2 * Application
w1.fi wpa_supplicant 2.3 * Application
w1.fi wpa_supplicant 2.4 * Application
w1.fi wpa_supplicant 2.5 * Application
w1.fi wpa_supplicant 2.6 * Application
suse linux_enterprise_desktop 12 sp2 Operating System
suse linux_enterprise_desktop 12 sp3 Operating System
suse linux_enterprise_point_of_sale 11 sp3 Operating System
suse linux_enterprise_server 11 sp3 Operating System
suse linux_enterprise_server 11 sp4 Operating System
suse linux_enterprise_server 12 * Operating System
suse openstack_cloud 6 * Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Yes cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Yes cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
Yes cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Yes cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*
Yes cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*
Yes cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
Yes cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
Yes cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*
Yes cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*
Yes cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*
Yes cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
Yes cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*
Yes cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*
