CVE-2017-13080 Ubuntu Security Notification for Linux-firmware Vulnerabilities (USN-3505-1)

It was discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN.

A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-2017-13080, CVE-2017-13081)

Refer to Ubuntu advisory USN-3505-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3505-1: 16.04 (Xenial) on src (linux-firmware)

USN-3505-1: 17.10 (artful) on src (linux-firmware)

USN-3505-1: 17.04 (zesty) on src (linux-firmware)

USN-3505-1: 14.04 (Kylin) on src (linux-firmware)