Critical WiFi Vulnerability Found - KRACK

Is there also going to be an update for CC as well?

David Lang

Good stuff guys! Way to be ahead of the game...

I suppose Windows will be updated via "Windows Update" patches.

In my opinion the problem will be for TV/Phones.
Many brands don't update their firmware because they prefer to sell you a new TV/Phone/etc... with a patched version of wifi, instead of updating the old devices.

Sadly, it is another way to take people's money.

"Fast roaming" is not enabled by default in LEDE. It involves two or more APs on the same network telling each other the client's key over the "backhaul" network. This allows a client to physically move to a new AP (e.g. walking down a hallway) and communicate data immediately by re-using its old key.

Since hostapd / wpad is a user-space program, likely one could put the new binary on an old version of the OS and still have it work. But if you're in an environment where over the air hacking is a concern, you should run the latest versions of everything.

So if we are on latest .... need a full flash? Or just upgrade hostapd package?

The fix is available now. Update wpad (or wpad-mini) and hostapd-common to the latest version.

wpad - 2016-12-19-ad02e79d-5
hostapd-common - 2016-12-19-ad02e79d-5

1 Like
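An added example, not part of the thread or of LEDE's own tooling: a check that classifies installed hostapd/wpad/wpa-supplicant packages against the fixed build quoted above (2016-12-19-ad02e79d-5). The function name `check_krack_pkgs` is hypothetical, the sample lines are constructed, and the input is assumed to use the "name - version" form shown in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): classify installed hostapd/wpad/
# wpa-supplicant packages against the fixed build quoted above.
FIXED_BASE="2016-12-19-ad02e79d"   # snapshot named in the thread
FIXED_REL=5                        # package release carrying the fix

# check_krack_pkgs (hypothetical helper): reads "name - version" lines on
# stdin, prints "STATUS name version" for each relevant package, and
# returns 1 unless every one of them is confirmed at the fixed release.
check_krack_pkgs() {
    rc=0
    while read -r name dash ver rest; do
        case "$name" in
            hostapd|hostapd-*|wpad|wpad-*|wpa-supplicant|wpa-supplicant-*) ;;
            *) continue ;;
        esac
        [ "$dash" = "-" ] && [ -n "$ver" ] || continue
        base=${ver%-*}     # e.g. 2016-12-19-ad02e79d
        rel=${ver##*-}     # e.g. 4
        case "$rel" in
            ''|*[!0-9]*) base="" ;;   # non-numeric release: treat as unknown
        esac
        if [ "$base" != "$FIXED_BASE" ]; then
            echo "UNKNOWN $name $ver"      # other snapshot: check by hand
            rc=1
        elif [ "$rel" -lt "$FIXED_REL" ]; then
            echo "VULNERABLE $name $ver"
            rc=1
        else
            echo "PATCHED $name $ver"
        fi
    done
    return "$rc"
}

# Constructed sample input; on a router, pipe in `opkg list-installed`.
SAMPLE='wpad-mini - 2016-12-19-ad02e79d-4
hostapd-common - 2016-12-19-ad02e79d-5
busybox - 1.25.1-4'
printf '%s\n' "$SAMPLE" | check_krack_pkgs || true
```

A non-zero return means at least one relevant package is older than release 5 or comes from a snapshot the check cannot judge.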

I have just updated my packages lists, but can still only see:

wpad - 2016-12-19-ad02e79d-4 and hostapd-common - 2016-12-19-ad02e79d-4

Am I doing something wrong?

Model - Linksys WRT1900AC
Firmware Version - LEDE Reboot 17.01.3 r3533-d0bf257c46 / LuCI lede-17.01 branch (git-17.232.21093-079f65a)

I'm having the same issue where the updated versions don't show up on my TP-Link TL-WDR4300 v1 on 17.0.3.

Different targets update at different times, just be patient. Updated packages will appear within the next hours.

2 Likes

Check this Reddit post:
https://www.reddit.com/r/KRaCK/comments/76q2n7/this_is_mainly_a_clientbased_attack/

The AP can be used to forward injected packets to any other device on the network.

So updating AP is not only about "roaming" it seems.

hmm, from another discussion on the topic, I was pointed at
https://marc.info/?l=linux-wireless&m=150814547710569&w=2 which seems to
indicate a need for a slight change in the kernel mac80211 code.

David Lang

Please let us know which packages need to be upgraded.

Pls. use the front page and make a formal statement about the security threat and how people can mitigate the problem until a new release is out. If done right, it could draw more users to the platform instead of scaring them away.

1 Like

I don't think there is something to be scared of.

Scary is the thought that millions of routers around the globe that are Linux-based will be unpatched indefinitely, at least until (and if) the X OEM decides to provide updated/patched firmwares.

We are "the lucky ones", in some way. :)

Even with a fully patched LEDE, clients (e.g. smartphones) that are un-patched will still be vulnerable, correct?

https://downloads.lede-project.org/releases/17.01.3/packages/arm_cortex-a9_vfpv3/

hostapd, wpad and wpa-supplicant packages for arm_cortex-a9_vfpv3 (WRT AC/ACS/ACM) have been updated...

from:

hostapd_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk
hostapd-common_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk
hostapd-mini_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk
hostapd-utils_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk

to:

hostapd_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk
hostapd-common_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk
hostapd-mini_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk
hostapd-utils_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk

from:

wpad_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk
wpad-mesh_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk
wpad-mini_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk

to:

wpad_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk
wpad-mesh_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk
wpad-mini_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk

from:

wpa-supplicant_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk
wpa-supplicant-mesh_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk
wpa-supplicant-mini_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk
wpa-supplicant-p2p_2016-12-19-ad02e79d-4_arm_cortex-a9_vfpv3.ipk

to:

wpa-supplicant_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk
wpa-supplicant-mesh_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk
wpa-supplicant-mini_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk
wpa-supplicant-p2p_2016-12-19-ad02e79d-5_arm_cortex-a9_vfpv3.ipk

Not upgrading yet, waiting for further info (tomorrow I guess).

Updated wpad-mini and hostapd-common, the only two that were installed on my TP-Link TL-WDR4300 v1, rebooted, and nothing's exploded so far. :)

Have also updated wpad and hostapd and everything OK so far.

But there is also a kernel patch as part of the fix:

https://git.lede-project.org/?p=source.git;a=commitdiff;h=2f701194c29da50bfda968a83c6609843f74a7f4

Does anyone know when the 17.01.4 release is planned for?

More background info

I suppose Windows will be updated via “Windows Update” patches.

MS pushed patches for all supported versions (Win 7/Server 2008 and higher) as part of last week's Patch Tuesday update. If you've already installed the patches you should be safe from this vulnerability.