Can this issue even be fixed on the AP side? You could change the AP‘s behaviour to never ever resend Message 3, but that seems very drastic.
As far as I understood the article by Vanhoef and Piessens, the vulnerability lies within the behavior of the client (that conforms to the 802.11i amendment), as it still accepts retransmissions of Message 3 even if it is already in the PTK-DONE state. —� Nicolas Schmidt > Am 17.10.2017 um 19:15 schrieb Matthew Graybosch <[email protected]>: > > On Tue, 17 Oct 2017 19:09:29 +0200 > "Stephane HUC \"PengouinBSD\"" <[email protected]> wrote: > >> Just for the fun: >> http://www.commitstrip.com/en/2017/10/16/wpa2-vulnerability-just-a-small-update/ > > I saw somebody share that on Mastodon this morning. :) > > On a more serious note; am I correct in assuming that the patch is > already in 6.2? > > -- > Matthew Graybosch > https://matthewgraybosch.com > > "If you didn't want me to say 'both', you should have used XOR."
