https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256120
Bug ID: 256120 Summary: [net80211] [patch]: prevent plaintext injecting using cloaked A-MSDUs Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: wireless Assignee: wirel...@freebsd.org Reporter: mathy.vanh...@cs.kuleuven.be Created attachment 225222 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=225222&action=edit patch: git diff file FreeBSD is vulnerable to CVE-2020-26144 of the "FragAttacks" findings. For background see Section 6.5 in https://papers.mathyvanhoef.com/usenix2021.pdf This vulnerability can be reproduced using the FragAttack test tool at https://github.com/vanhoefm/fragattacks with the test case "eapol-amsdu-bad I,P" (the injected ping request should be rejected by the kernel). The attached patches fixes this vulnerability. It was tested using a Belkin F5D8053 (run driver) in client mode. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ freebsd-wireless@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-wireless To unsubscribe, send any mail to "freebsd-wireless-unsubscr...@freebsd.org"