10^4 attempts (worst case) to bruteforce the first four digits using the early NACK, 10^3 attempts (worst case) to bruteforce the entire pin once you know the first four (this part only has to iterate on three digits of the second half, and compute the checksum to get the last digit).
Not much math necessary for the explanation. Follow the link jaylevitt posted:
When the PIN authentication fails the access point will send an EAP-NACK message back to the client. The EAP-NACK messages are sent in a way that an attacker is able to determine if the first half of the PIN is correct. Also, the last digit of the PIN is known because it is a checksum for the PIN. This design greatly reduces the number of attempts needed to brute force the PIN. The number of attempts goes from 108 to 104 + 103 which is 11,000 attempts in total.
I followed that link before I posted. I was unable to determine what 10^4 and 10^3 represented and the link did not explain it in a way for me to understand. Obtu was able to explain it to me.