b***@freebsd.org
2021-05-24 13:16:55 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256119
Bug ID: 256119
Summary: [net80211] [patch]: mitigate A-MSDU FragAttacks design
flaw
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: wireless
Assignee: ***@FreeBSD.org
Reporter: ***@cs.kuleuven.be
Created attachment 225221
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=225221&action=edit
patch: git diff file
FreeBSD is also affected by the A-MSDU design flaw in Wi-Fi (CVE-2020-24588).
For background see Section 3 in https://papers.mathyvanhoef.com/usenix2021.pdf
This vulnerability can be reproduced using the FragAttack test tool at
https://github.com/vanhoefm/fragattacks with the test case "amsdu-inject-bad"
(the injected ping request should be rejected by the kernel).
The attached patches fixes this vulnerability. It was tested using a Belkin
F5D8053 (run driver) in client mode.
Bug ID: 256119
Summary: [net80211] [patch]: mitigate A-MSDU FragAttacks design
flaw
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: wireless
Assignee: ***@FreeBSD.org
Reporter: ***@cs.kuleuven.be
Created attachment 225221
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=225221&action=edit
patch: git diff file
FreeBSD is also affected by the A-MSDU design flaw in Wi-Fi (CVE-2020-24588).
For background see Section 3 in https://papers.mathyvanhoef.com/usenix2021.pdf
This vulnerability can be reproduced using the FragAttack test tool at
https://github.com/vanhoefm/fragattacks with the test case "amsdu-inject-bad"
(the injected ping request should be rejected by the kernel).
The attached patches fixes this vulnerability. It was tested using a Belkin
F5D8053 (run driver) in client mode.
--
You are receiving this mail because:
You are the assignee for the bug.
You are receiving this mail because:
You are the assignee for the bug.