mac80211: drop A-MSDUs on old ciphers - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Johannes Berg <[email protected]>	2021-05-11 20:02:46 +0200
committer	Johannes Berg <[email protected]>	2021-05-11 20:13:23 +0200
commit	270032a2a9c4535799736142e1e7c413ca7b836e (patch)
tree	762ad2b424fdfb30f852e47ab3b6e12040eef2d9 /lib/test_fortify/write_overflow-strncpy-src.c
parent	2b8a1fee3488c602aca8bea004a087e60806a5cf (diff)

mac80211: drop A-MSDUs on old ciphers

With old ciphers (WEP and TKIP) we shouldn't be using A-MSDUs since A-MSDUs are only supported if we know that they are, and the only practical way for that is HT support which doesn't support old ciphers. However, we would normally accept them anyway. Since we check the MMIC before deaggregating A-MSDUs, and the A-MSDU bit in the QoS header is not protected in TKIP (or WEP), this enables attacks similar to CVE-2020-24588. To prevent that, drop A-MSDUs completely with old ciphers. Cc: [email protected] Link: https://lore.kernel.org/r/20210511200110.076543300172.I548e6e71f1ee9cad4b9a37bf212ae7db723587aa@changeid Signed-off-by: Johannes Berg <[email protected]>

Diffstat (limited to 'lib/test_fortify/write_overflow-strncpy-src.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: