[Bug 256120] [net80211] [patch]: prevent plaintext injecting using cloaked A-MSDUs

bugzilla-noreply Mon, 24 May 2021 06:19:50 -0700

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256120


            Bug ID: 256120
           Summary: [net80211] [patch]: prevent plaintext injecting using
                    cloaked A-MSDUs
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: wireless
          Assignee: [email protected]
          Reporter: [email protected]

Created attachment 225222
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=225222&action=edit
patch: git diff file

FreeBSD is vulnerable to CVE-2020-26144 of the "FragAttacks" findings. For
background see Section 6.5 in https://papers.mathyvanhoef.com/usenix2021.pdf

This vulnerability can be reproduced using the FragAttack test tool at
https://github.com/vanhoefm/fragattacks with the test case "eapol-amsdu-bad
I,P" (the injected ping request should be rejected by the kernel).

The attached patches fixes this vulnerability. It was tested using a Belkin
F5D8053 (run driver) in client mode.

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-wireless
To unsubscribe, send any mail to "[email protected]"

[Bug 256120] [net80211] [patch]: prevent plaintext injecting using cloaked A-MSDUs

Reply via email to