WPA Supplicant 2.10 arrives solving some vulnerabilities, integrating improvements and more
After a year and a half of development, hostapd/wpa_supplicant 2 has been launched.10, a suite to support the IEEE 802 wireless protocols.1X, WPA, WPA2, WPA3 and EAP, which consists of the WPA_Supplyont application to connect to a wireless network such as a customer and the hostapd background process to provide an access point and an authentication server that includes components such as WPA Authenticator, Radius Authentication Client/Server, EAP server.
In addition to the functional changes, the new version blocks a new attack vector through third-party channels, affecting the SAE connection negotiation method (Simultaneous Authentication of Equals) and the EAP-PWD protocol.
And it is that the solved vulnerability allowed an attacker with the ability to execute code without privileges in the system of a user who connects to a wireless network can obtain information about the characteristics of a password by monitoring the activity in the system andUse it to simplify the divination of out -of -line passwords.
The problem is caused by the escape of information on the characteristics of the password through third -party channels, which allow, using indirect data, such as changes in delays during operations, clarifying the correction of the choice of password parts inThe process of your selection.
Unlike similar problems that were solved in 2019, the new vulnerability is due to the fact that the external cryptographic primitive.
According to the analysis of the processor cache behavior, an attacker with the ability to execute code without privileges in the same core of the processor could obtain information on the progress of password operations in SAE/EAP-PWD.All versions of WPA_supplyont and hostapd created with compatibility with SAE (conflic_ae = y) and EAP-PWD (config_eap_pwd = y) are affected.
As for the other changes that were implemented in the new version, the ability to compile with the Opensssl 3 cryptographic library was added.0.
The Beacon Protection mechanism proposed in the update of the WPA3 specification has been implemented, designed to protect against active attacks in a wireless network that manipulates the changes of Marco Beacon.
We can also find that support for DPP 2 (Wi-Fi device supply protocol) was added, which defines the public key authentication method used in the WPA3 standard to organize the simplified device configuration without a screen interface without a screen interface.The configuration is made by another more advanced device that is already connected to a wireless network.
In addition to this, support for TLS 1 was added.3 to the implementation of EAP-TLS (default default).
New configurations were added (max_auth_rounds, max_auth_rounds_short) to change the limits in the amount of EAP messages in the authentication process (it is possible that it is necessary to change the limits when very large certificates are used).
WEP compatibility is eliminated from predetermined compilations (reconstruction is required with the Conf_WEP = option and to return WEP compatibility).The disused functionality related to IAPP (access points protocol) was eliminated..The support for Libnl 1 was eliminated.1.The confilation option_n_tkip = and for compatibility with TKIP was added.
Vulnerabilities have been corrected in the UPNP implementation (CVE-2020-12695), in the P2P/Wi-Fi Direct controller (CVE-2021-27803) and in the PMF security mechanism (CVE-2019-16275).
Specific Hostapd changes include support for HEW wireless networks (High-Effiction Wireless, IEEE 802.11ax), including the ability to use the 6 GHz frequency band.
Of the other changes that stand out:
Finally if you are interested in knowing more about it, you can check the details in the following link.