linux is vulnerable to spoofable network frames. The vulnerability exists through the reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html
lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html
lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html
www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
www.debian.org/security/2017/dsa-3999
www.kb.cert.org/vuls/id/228519
www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
www.securityfocus.com/bid/101274
www.securitytracker.com/id/1039573
www.securitytracker.com/id/1039576
www.securitytracker.com/id/1039577
www.securitytracker.com/id/1039578
www.securitytracker.com/id/1039581
www.securitytracker.com/id/1039585
www.ubuntu.com/usn/USN-3455-1
access.redhat.com/security/vulnerabilities/kracks
cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
cert.vde.com/en-us/advisories/vde-2017-005
lists.debian.org/debian-lts-announce/2018/11/msg00015.html
security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
security.gentoo.org/glsa/201711-03
source.android.com/security/bulletin/2017-11-01
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
www.krackattacks.com/