hostapd and wpa_supplicant 2.10 release

After a year and a half of development, hostapd/wpa_supplicant 2.10 has been released. The suite implements IEEE 802.1X, WPA, WPA2, WPA3 and EAP for wireless networks and consists of the wpa_supplicant application, which connects to a wireless network as a client, and the hostapd daemon, which provides an access point and an authentication server, including components such as a WPA Authenticator, a RADIUS authentication client/server and an EAP server. The project's source code is distributed under the BSD license.

In addition to functional changes, the new version closes a new side-channel attack vector affecting the SAE (Simultaneous Authentication of Equals) connection negotiation method and the EAP-pwd protocol. An attacker able to run unprivileged code on the system of a user connecting to a wireless network can, by observing activity on that system, learn characteristics of the password and use them to simplify offline password guessing. The problem is caused by leakage of information about the password through side channels: indirect data, such as changes in how long operations take, lets the attacker learn whether a guessed portion of the password is correct while guessing it.

Unlike the similar issues fixed in 2019, the new vulnerability arises because the external cryptographic primitives used by the crypto_ec_point_solve_y_coord() function did not guarantee constant execution time regardless of the data being processed. By analysing processor cache behaviour, an attacker able to run unprivileged code on the same processor core could obtain information about the progress of the password operations in SAE/EAP-pwd. All versions of wpa_supplicant and hostapd built with SAE (CONFIG_SAE=y) and EAP-pwd (CONFIG_EAP_PWD=y) support are affected.
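The defence against this class of leak is to make the code's memory accesses and branches independent of secret data. The following is an added example written for this article, not code from hostapd, wpa_supplicant or their crypto back ends: it shows the branchless selection idiom in C, with a variable-time version (a secret-dependent branch choosing which buffer is copied) beside a constant-time version that always reads both candidates and chooses with an arithmetic mask. All function names and the eight-byte candidate values are illustrative and constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Added example (not hostapd/wpa_supplicant code). Names are illustrative. */

/* All-ones mask if x == 0, all-zeros otherwise, with no branch on x. */
static uint32_t ct_is_zero_mask(uint32_t x)
{
    uint32_t nonzero = (x | (0u - x)) >> 31; /* 1 if x != 0, else 0 */
    return nonzero - 1u;                     /* 0xFFFFFFFF if x == 0 */
}

/* Returns a when mask is all ones, b when it is all zeros. */
static uint32_t ct_select_u32(uint32_t mask, uint32_t a, uint32_t b)
{
    return (a & mask) | (b & ~mask);
}

/* Equality over len bytes; every byte is read no matter where a mismatch is. */
static int ct_memeq(const uint8_t *a, const uint8_t *b, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return (int)(ct_is_zero_mask(diff) & 1u);
}

/* dst = src when mask is all ones; dst unchanged when all zeros.
 * Both buffers are read in full either way. */
static void ct_cmov(uint8_t *dst, const uint8_t *src, size_t len, uint32_t mask)
{
    uint8_t m = (uint8_t)mask;
    for (size_t i = 0; i < len; i++)
        dst[i] = (uint8_t)((src[i] & m) | (dst[i] & (uint8_t)~m));
}

/* Variable-time selection: the branch and the single memcpy make which
 * candidate is touched depend on the secret bit (the pattern to avoid). */
static void vt_pick(uint8_t *out, const uint8_t *c0, const uint8_t *c1,
                    size_t len, uint32_t secret_bit)
{
    if (secret_bit & 1u)
        memcpy(out, c1, len);
    else
        memcpy(out, c0, len);
}

/* Constant-time selection with the same result: both candidates are
 * always read and the choice is made by masking. */
static void ct_pick(uint8_t *out, const uint8_t *c0, const uint8_t *c1,
                    size_t len, uint32_t secret_bit)
{
    uint32_t mask = 0u - (secret_bit & 1u); /* all ones iff the bit is set */
    memcpy(out, c0, len);
    ct_cmov(out, c1, len, mask);
}

/* Checks the constant-time helpers against the straightforward versions on
 * constructed inputs. Returns 1 on success, 0 on any mismatch. */
int ct_self_check(void)
{
    /* Constructed 8-byte candidates standing in for two candidate values. */
    const uint8_t c0[8] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
    const uint8_t c1[8] = {0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8};
    uint8_t a[8], b[8];

    for (uint32_t bit = 0; bit < 2; bit++) {
        vt_pick(a, c0, c1, sizeof a, bit);
        ct_pick(b, c0, c1, sizeof b, bit);
        if (!ct_memeq(a, b, sizeof a))
            return 0;
        if (!ct_memeq(b, bit ? c1 : c0, sizeof b))
            return 0;
    }
    if (ct_memeq(c0, c1, sizeof c0))
        return 0;
    if (ct_select_u32(ct_is_zero_mask(0), 7, 9) != 7 ||
        ct_select_u32(ct_is_zero_mask(3), 7, 9) != 9)
        return 0;
    return 1;
}

int main(void)
{
    int ok = ct_self_check();
    printf("constant-time helpers: %s\n", ok ? "ok" : "mismatch");
    return ok ? 0 : 1;
}
```

Masking at the source level is only half of the job: an optimising compiler is free to turn a mask back into a branch, so projects that rely on this idiom verify the generated code (or use a library that provides audited constant-time primitives) rather than trusting the C alone.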

Other changes in new releases of hostapd and wpa_supplicant:

  • Added the ability to build with the OpenSSL 3.0 cryptographic library.
  • Implemented the Beacon Protection mechanism proposed in the WPA3 specification update, designed to protect against active attacks on the wireless network that manipulate Beacon frames.
  • Added support for DPP 2 (Wi-Fi Device Provisioning Protocol), which defines the public-key authentication method used in the WPA3 standard to simplify the configuration of devices without a screen. Configuration is carried out from another, more capable device that is already connected to the wireless network; for example, parameters for an IoT device without a screen can be set from a smartphone by photographing a QR code printed on the case.
  • Added support for Extended Key IDs (IEEE 802.11-2016).
  • Support for the SAE-PK (SAE Public Key) security mechanism has been added to the implementation of the SAE connection negotiation method. An immediate confirmation-sending mode has been implemented, enabled with the "sae_config_immediate=1" option, as well as the hash-to-element mechanism, enabled when the sae_pwe parameter is set to 1 or 2.
  • Support for TLS 1.3 has been added to the EAP-TLS implementation (disabled by default).
  • Added new settings (max_auth_rounds, max_auth_rounds_short) to change the limits on the number of EAP messages during authentication (raising the limits may be required when very large certificates are used).
  • Added support for the PASN (Pre Association Security Negotiation) mechanism to establish a secure connection and protect the exchange of control frames at an earlier connection stage.
  • The Transition Disable mechanism has been implemented, which allows roaming mode (switching between access points as you move) to be disabled automatically in order to enhance security.
  • WEP support is removed from builds by default (rebuilding with the CONFIG_WEP=y option is required to restore it). Deprecated functionality related to IAPP (Inter-Access Point Protocol) has been removed. Support for libnl 1.1 has been dropped. The build option CONFIG_NO_TKIP=y has been added for building without TKIP support.
  • Vulnerabilities have been fixed in the UPnP implementation (CVE-2020-12695), in the P2P/Wi-Fi Direct handler (CVE-2021-27803), and in the PMF security mechanism (CVE-2019-16275).
  • hostapd-specific changes include expanded support for HEW (High-Efficiency Wireless, IEEE 802.11ax) networks, including the ability to use the 6 GHz frequency band.
  • wpa_supplicant specific changes:
    • Added support for access point mode settings for SAE (WPA3-Personal).
    • For EDMG (IEEE 802.11ay) channels, P2P mode is supported.
    • Improved throughput prediction and BSS selection.
    • Expanded control interface via D-Bus.
    • Added a new backend for storing passwords in a separate file, allowing confidential information to be kept out of the main configuration file.
    • Added new policies for SCS, MSCS and DSCP.

Source: opennet.ru