Apply patches for WPA2 Wi-Fi network vulnerability

Document created by Andy Tian Employee on Nov 14, 2017Last modified by Andy Tian Employee on Dec 1, 2017
Version 2Show Document
  • View in full screen mode

On mid Oct 2017, researchers revealed details of a new exploit called KRACK that takes advantage of vulnerabilities in Wi-Fi security to let attackers eavesdrop on traffic between computers and wireless access points.It takes advantage of several key management vulnerabilities in the WPA2 security protocol, the popular authentication scheme used to protect personal and enterprise Wi-Fi networks.

Google has already fixed the problem for customers running supported versions of Android version 5,6,7 and 8. The formal patches has already released in 2017-11-06 security patch.

The URL is:

   Android Security Bulletin—November 2017   

And these patches are listed in  chapter 2017-11-06 security patch, System section.

Please all series devices that use the security patch level  earlier than 2017-11-06 must include all applicable patches to fix this wifi vulnerability on Android.

Here these patch has been applied for imx Android mm6.0 and ng7.0 release, to avoid this wifi vulnerability, it is recommended to have these patches in this attach applied, which should be applied to external/wpa_supplicant_8.