CVE-2017-13080

Name	CVE-2017-13080
Description	Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-1150-1, DLA-1200-1, DLA-1573-1, DSA-3999-1, ELA-55-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
firmware-nonfree (PTS)	jessie/non-free	20190114+really20220913-0+deb8u3	fixed
	jessie/non-free (lts)	20190114+really20220913-0+deb8u1	fixed
	stretch/non-free	20190114+really20220913-0+deb9u3	fixed
	stretch/non-free (security)	20190114-2~deb9u1	fixed
	stretch/non-free (lts)	20190114+really20220913-0+deb9u1	fixed
	buster/non-free	20190114+really20220913-0+deb10u3	fixed
	buster/non-free (security)	20190114+really20220913-0+deb10u2	fixed
	bullseye/non-free	20210315-3	fixed
	bookworm/non-free-firmware	20230210-5	fixed
	sid/non-free-firmware, trixie/non-free-firmware	20240909-2	fixed
linux (PTS)	jessie, jessie (lts)	3.16.84-1	fixed
	stretch (security)	4.9.320-2	fixed
	stretch (lts), stretch	4.9.320-3	fixed
	buster (security), buster, buster (lts)	4.19.316-1	fixed
	bullseye	5.10.223-1	fixed
	bullseye (security)	5.10.226-1	fixed
	bookworm	6.1.115-1	fixed
	bookworm (security)	6.1.112-1	fixed
	trixie	6.11.7-1	fixed
	sid	6.11.9-1	fixed
wpa (PTS)	jessie, jessie (lts)	2.3-1+deb8u15	fixed
	stretch (security)	2:2.4-1+deb9u9	fixed
	stretch (lts), stretch	2:2.4-1+deb9u11	fixed
	buster, buster (lts)	2:2.7+git20190128+0c1e29f-6+deb10u5	fixed
	buster (security)	2:2.7+git20190128+0c1e29f-6+deb10u4	fixed
	bullseye (security), bullseye	2:2.9.0-21+deb11u2	fixed
	bookworm (security), bookworm	2:2.10-12+deb12u2	fixed
	sid, trixie	2:2.10-22	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
firmware-nonfree	source	wheezy	20161130-4~deb7u1	ELA-55-1
firmware-nonfree	source	jessie	20161130-4~deb8u1	DLA-1573-1
firmware-nonfree	source	stretch	20161130-4
firmware-nonfree	source	(unstable)	20180825-1
linux	source	wheezy	3.2.96-1	DLA-1200-1
linux	source	jessie	3.16.51-1
linux	source	stretch	4.9.65-1
linux	source	(unstable)	4.13.13-1
wpa	source	wheezy	1.0-3+deb7u5	DLA-1150-1
wpa	source	jessie	2.3-1+deb8u5	DSA-3999-1
wpa	source	stretch	2:2.4-1+deb9u1	DSA-3999-1
wpa	source	(unstable)	2:2.4-1.1

Notes

[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
https://w1.fi/security/2017-1/
https://git.kernel.org/linus/fdf7cb4185b60c68e1a75e61691c4afdc15dea0e (v4.14-rc6)