mac80211: drop A-MSDUs on old ciphers - starfive-tech/linux.git - StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

diff options

author	Johannes Berg <johannes.berg@intel.com>	2021-05-11 21:02:46 +0300
committer	Johannes Berg <johannes.berg@intel.com>	2021-05-11 21:13:23 +0300
commit	270032a2a9c4535799736142e1e7c413ca7b836e (patch)
tree	762ad2b424fdfb30f852e47ab3b6e12040eef2d9 /net/mac80211/sta_info.c
parent	2b8a1fee3488c602aca8bea004a087e60806a5cf (diff)
download	linux-270032a2a9c4535799736142e1e7c413ca7b836e.tar.xz

mac80211: drop A-MSDUs on old ciphers

With old ciphers (WEP and TKIP) we shouldn't be using A-MSDUs since A-MSDUs are only supported if we know that they are, and the only practical way for that is HT support which doesn't support old ciphers. However, we would normally accept them anyway. Since we check the MMIC before deaggregating A-MSDUs, and the A-MSDU bit in the QoS header is not protected in TKIP (or WEP), this enables attacks similar to CVE-2020-24588. To prevent that, drop A-MSDUs completely with old ciphers. Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20210511200110.076543300172.I548e6e71f1ee9cad4b9a37bf212ae7db723587aa@changeid Signed-off-by: Johannes Berg <johannes.berg@intel.com>

Diffstat (limited to 'net/mac80211/sta_info.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: