HomeFreeBSD
Diffusion FreeBSD src repository e020f9602809

net80211: fail for unicast traffic without unicast key
e020f9602809
Actions

Description

net80211: fail for unicast traffic without unicast key

Falling back to the multicast key may cause unicast traffic to leak.
Instead fail when no key is found.

For more information see the 'Framing Frames: Bypassing Wi-Fi Encryption
by Manipulating Transmit Queues' paper.

Approved by: so
Security: FreeBSD-SA-23:11.wifi
Security: CVE-2022-47522

(cherry picked from commit 61605e0ae5d8f34b89b8e71e393f3006f511e86a)
(cherry picked from commit 84d538470bced9b1a45064c7845c92551a15e3e1)

Details

Provenance
domienschepers <schepers.d@northeastern.edu>Authored on Nov 10 2022, 12:00 AM
gordonCommitted on Sep 6 2023, 5:20 PM
Parents
rG0692341b263e: pf: handle multiple IPv6 fragment headers
Branches
Unknown
Tags
Unknown

Event Timeline

gordon committed rGe020f9602809: net80211: fail for unicast traffic without unicast key (authored by domienschepers <schepers.d@northeastern.edu>).Sep 6 2023, 5:20 PM

Changes (1)

PathSize
sys/
net80211/

rGe020f9602809

View Options

sys/net80211/ieee80211_crypto.c

Loading...