CVE-2017-13080

Name	CVE-2017-13080
Description	Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-1150-1, DLA-1200-1, DLA-1573-1, DSA-3999-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
firmware-nonfree (PTS)	bullseye/non-free	20210315-3	fixed
	bookworm/non-free-firmware	20230210-5	fixed
	trixie/non-free-firmware, sid/non-free-firmware	20250410-2	fixed
linux (PTS)	bullseye	5.10.223-1	fixed
	bullseye (security)	5.10.237-1	fixed
	bookworm	6.1.137-1	fixed
	bookworm (security)	6.1.135-1	fixed
	trixie	6.12.27-1	fixed
	sid	6.12.29-1	fixed
wpa (PTS)	bullseye	2:2.9.0-21+deb11u2	fixed
	bullseye (security)	2:2.9.0-21+deb11u3	fixed
	bookworm, bookworm (security)	2:2.10-12+deb12u2	fixed
	sid, trixie	2:2.10-24	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
firmware-nonfree	source	jessie	20161130-4~deb8u1	DLA-1573-1
firmware-nonfree	source	stretch	20161130-4
firmware-nonfree	source	(unstable)	20180825-1
linux	source	wheezy	3.2.96-1	DLA-1200-1
linux	source	jessie	3.16.51-1
linux	source	stretch	4.9.65-1
linux	source	(unstable)	4.13.13-1
wpa	source	wheezy	1.0-3+deb7u5	DLA-1150-1
wpa	source	jessie	2.3-1+deb8u5	DSA-3999-1
wpa	source	stretch	2:2.4-1+deb9u1	DSA-3999-1
wpa	source	(unstable)	2:2.4-1.1

Notes

[jessie] - firmware-nonfree <no-dsa> (non-free not supported)
https://w1.fi/security/2017-1/
https://git.kernel.org/linus/fdf7cb4185b60c68e1a75e61691c4afdc15dea0e (v4.14-rc6)