
Bug#1102675: marked as done (bookworm-pu: package wpa/2:2.10-12+deb12u3)



Your message dated Sat, 06 Sep 2025 12:14:50 +0100
with message-id <ee4c0876608d99eb3f8b333b556fbd92e7a652eb.camel@adam-barratt.org.uk>
and subject line Closing p-u requests for fixes included in 12.12
has caused the Debian Bug report #1102675,
regarding bookworm-pu: package wpa/2:2.10-12+deb12u3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1102675: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102675
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: wpa@packages.debian.org
Control: affects -1 + src:wpa
User: release.debian.org@packages.debian.org
Usertags: pu


[ Reason ]
CVE-2022-37660

[ Impact ]
security problem low

[ Tests ]
No, but the patch is straightforward.


[ Risks ]
Low

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Fix CVE-2022-37660: the PKEX code remains active even after a successful PKEX
association. An attacker that successfully bootstrapped public keys with
another entity using PKEX in the past, will be able to subvert a future
bootstrapping by passively observing public keys, re-using the encrypting
element Qi and subtracting it from the captured message M (X = M - Qi). This
will result in the public ephemeral key X; the only element required to subvert
the PKEX association


[ Other info ]
No
diff -Nru wpa-2.10/debian/changelog wpa-2.10/debian/changelog
--- wpa-2.10/debian/changelog	2024-08-05 21:07:00.000000000 +0200
+++ wpa-2.10/debian/changelog	2025-04-11 16:29:46.000000000 +0200
@@ -1,3 +1,20 @@
+wpa (2:2.10-12+deb12u3) bookworm; urgency=medium
+
+  * Non-maintainer upload by the LTS Security Team.
+  * debian/patches/CVE-2022-37660.patch: Add hostapd_dpp_pkex_clear_code()
+    and wpas_dpp_pkex_clear_code(), and clear code reusage in
+    ./src/ap/dpp_hostapd.c and ./wpa_supplicant/dpp_supplicant.c
+  * Fix CVE-2022-37660: the PKEX code remains active even after
+    a successful PKEX association. An attacker that successfully
+    bootstrapped public keys with another entity using PKEX in
+    the past, will be able to subvert a future bootstrapping by
+    passively observing public keys, re-using the encrypting
+    element Qi and subtracting it from the captured message
+    M (X = M - Qi). This will result in the public ephemeral
+    key X; the only element required to subvert the PKEX association
+
+ -- Bastien Roucariès <rouca@debian.org>  Fri, 11 Apr 2025 16:29:46 +0200
+
 wpa (2:2.10-12+deb12u2) bookworm-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
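Review bot: the new changelog entry lists the two added helpers but not the behaviour change in hostapd_dpp_pkex_remove() and wpas_dpp_pkex_remove(), where the `!dpp_pkex_code` test is dropped, nor the operational effect given in the upstream commit message that a Configurator now needs a new DPP_PKEX_ADD after each completed exchange. Since the checklist states that all changes are documented in d/changelog, add a bullet for each; "clear code reusage" would also read better as "prevent reuse of the PKEX code".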
diff -Nru wpa-2.10/debian/patches/CVE-2022-37660.patch wpa-2.10/debian/patches/CVE-2022-37660.patch
--- wpa-2.10/debian/patches/CVE-2022-37660.patch	1970-01-01 01:00:00.000000000 +0100
+++ wpa-2.10/debian/patches/CVE-2022-37660.patch	2025-04-11 16:29:46.000000000 +0200
@@ -0,0 +1,117 @@
+From 15af83cf1846870873a011ed4d714732f01cd2e4 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <quic_jouni@quicinc.com>
+Date: Tue, 19 Jul 2022 21:23:04 +0300
+Subject: DPP: Delete PKEX code and identifier on success completion of PKEX
+
+We are not supposed to reuse these without being explicitly requested to
+perform PKEX again. There is not a strong use case for being able to
+provision an Enrollee multiple times with PKEX, so this should have no
+issues on the Enrollee. For a Configurator, there might be some use
+cases that would benefit from being able to use the same code with
+multiple Enrollee devices, e.g., for guess access with a laptop and a
+smart phone. That case will now require a new DPP_PKEX_ADD command on
+the Configurator after each completion of the provisioning exchange.
+
+Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
+
+[hostapd_dpp_pkex_done() in dpp_hostapd.c and wpas_dpp_pkex_done() in
+dpp_supplicant.c were introduced in 2.11 --Hlib Korzhynskyy]
+
+Origin: backport, 15af83cf1846870873a011ed4d714732f01cd2e4
+---
+ src/ap/dpp_hostapd.c            | 22 +++++++++++++++++++++-
+ wpa_supplicant/dpp_supplicant.c | 21 ++++++++++++++++++++-
+ 2 files changed, 41 insertions(+), 2 deletions(-)
+
+--- a/src/ap/dpp_hostapd.c
++++ b/src/ap/dpp_hostapd.c
+@@ -216,6 +216,22 @@ static void hostapd_dpp_auth_resp_retry(
+ }
+ 
+ 
++static void hostapd_dpp_pkex_clear_code(struct hostapd_data *hapd)
++{
++	if (!hapd->dpp_pkex_code && !hapd->dpp_pkex_identifier)
++		return;
++
++	/* Delete PKEX code and identifier on successful completion of
++	 * PKEX. We are not supposed to reuse these without being
++	 * explicitly requested to perform PKEX again. */
++	wpa_printf(MSG_DEBUG, "DPP: Delete PKEX code/identifier");
++	os_free(hapd->dpp_pkex_code);
++	hapd->dpp_pkex_code = NULL;
++	os_free(hapd->dpp_pkex_identifier);
++	hapd->dpp_pkex_identifier = NULL;
++}
++
++
+ void hostapd_dpp_tx_status(struct hostapd_data *hapd, const u8 *dst,
+ 			   const u8 *data, size_t data_len, int ok)
+ {
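Review bot: in hostapd_dpp_pkex_clear_code(), the code is released with a plain os_free(hapd->dpp_pkex_code), so its bytes remain in freed heap memory after the helper has supposedly retired it. Zero the buffer before freeing it, and do the same in the wpa_supplicant helper.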
+@@ -1842,6 +1858,7 @@ hostapd_dpp_rx_pkex_commit_reveal_req(st
+ 				wpabuf_head(msg), wpabuf_len(msg));
+ 	wpabuf_free(msg);
+ 
++	hostapd_dpp_pkex_clear_code(hapd);
+ 	bi = dpp_pkex_finish(hapd->iface->interfaces->dpp, pkex, src, freq);
+ 	if (!bi)
+ 		return;
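Review bot: hostapd_dpp_pkex_clear_code(hapd) runs before dpp_pkex_finish() and ahead of the `if (!bi) return;` check, so the code and identifier are deleted even when dpp_pkex_finish() returns NULL, while the commit message speaks of deletion on successful completion. If this ordering is intended because the exchange has already been validated at this point, say so in a comment at the call site; otherwise move the call after the `bi` check.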
+@@ -1873,6 +1890,7 @@ hostapd_dpp_rx_pkex_commit_reveal_resp(s
+ 		return;
+ 	}
+ 
++	hostapd_dpp_pkex_clear_code(hapd);
+ 	bi = dpp_pkex_finish(hapd->iface->interfaces->dpp, pkex, src, freq);
+ 	if (!bi)
+ 		return;
+@@ -2215,7 +2233,7 @@ int hostapd_dpp_pkex_remove(struct hosta
+ 			return -1;
+ 	}
+ 
+-	if ((id_val != 0 && id_val != 1) || !hapd->dpp_pkex_code)
++	if ((id_val != 0 && id_val != 1))
+ 		return -1;
+ 
+ 	/* TODO: Support multiple PKEX entries */
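Review bot: dropping `|| !hapd->dpp_pkex_code` from the guard in hostapd_dpp_pkex_remove() means the guard no longer rejects the call when no code is configured, and neither the commit message nor a comment explains why. A one-line comment that the code may already have been deleted automatically after a completed exchange would help, and the now redundant outer parentheses in `if ((id_val != 0 && id_val != 1))` can be removed.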
+--- a/wpa_supplicant/dpp_supplicant.c
++++ b/wpa_supplicant/dpp_supplicant.c
+@@ -2557,6 +2557,22 @@ static int wpas_dpp_pkex_next_channel(st
+ }
+ 
+ 
++static void wpas_dpp_pkex_clear_code(struct wpa_supplicant *wpa_s)
++{
++	if (!wpa_s->dpp_pkex_code && !wpa_s->dpp_pkex_identifier)
++		return;
++
++	/* Delete PKEX code and identifier on successful completion of
++	 * PKEX. We are not supposed to reuse these without being
++	 * explicitly requested to perform PKEX again. */
++	os_free(wpa_s->dpp_pkex_code);
++	wpa_s->dpp_pkex_code = NULL;
++	os_free(wpa_s->dpp_pkex_identifier);
++	wpa_s->dpp_pkex_identifier = NULL;
++
++}
++
++
+ static void wpas_dpp_pkex_retry_timeout(void *eloop_ctx, void *timeout_ctx)
+ {
+ 	struct wpa_supplicant *wpa_s = eloop_ctx;
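Review bot: wpas_dpp_pkex_clear_code() differs from the hostapd helper in two small ways: it lacks the wpa_printf(MSG_DEBUG, "DPP: Delete PKEX code/identifier") line, and it has a stray blank line before the closing brace. Add the debug message so the deletion is visible in wpa_supplicant logs as well, and drop the blank line.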
+@@ -2739,6 +2755,7 @@ wpas_dpp_pkex_finish(struct wpa_supplica
+ {
+ 	struct dpp_bootstrap_info *bi;
+ 
++	wpas_dpp_pkex_clear_code(wpa_s);
+ 	bi = dpp_pkex_finish(wpa_s->dpp, wpa_s->dpp_pkex, peer, freq);
+ 	if (!bi)
+ 		return NULL;
+@@ -3369,7 +3386,7 @@ int wpas_dpp_pkex_remove(struct wpa_supp
+ 			return -1;
+ 	}
+ 
+-	if ((id_val != 0 && id_val != 1) || !wpa_s->dpp_pkex_code)
++	if ((id_val != 0 && id_val != 1))
+ 		return -1;
+ 
+ 	/* TODO: Support multiple PKEX entries */
diff -Nru wpa-2.10/debian/patches/series wpa-2.10/debian/patches/series
--- wpa-2.10/debian/patches/series	2024-08-05 21:07:00.000000000 +0200
+++ wpa-2.10/debian/patches/series	2025-04-11 16:29:46.000000000 +0200
@@ -12,3 +12,4 @@
 wpa_service_netdev.patch
 0013-CVE-2023-52160-PEAP-client-Update-Phase-2-authentica.patch
 CVE-2024-5290-lib_engine_trusted_path.patch
+CVE-2022-37660.patch



--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 12.12

Hi,

Each of the updates referenced by these requests was included in
today's 12.12 point release for bookworm.

Regards,

Adam

--- End Message ---
