From mboxrd@z Thu Jan  1 00:00:00 1970
Return-path: <ath10k-bounces+kvalo=adurom.com@lists.infradead.org>
Received: from mail29.static.mailgun.info ([104.130.122.29])
 by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux))
 id 1k7buu-0001qU-HC
 for ath10k@lists.infradead.org; Mon, 17 Aug 2020 09:59:02 +0000
From: Kalle Valo <kvalo@codeaurora.org>
Subject: Re: CVE-2020-3702: Firmware updates for ath9k and ath10k chips
References: <20200810090126.mtu3uocpcjg5se5e@pali>
Date: Mon, 17 Aug 2020 12:58:52 +0300
In-Reply-To: <20200810090126.mtu3uocpcjg5se5e@pali> ("Pali
 \=\?utf-8\?Q\?Roh\?\= \=\?utf-8\?Q\?\=C3\=A1r\=22's\?\= message of
 "Mon, 10 Aug 2020 11:01:26 +0200")
Message-ID: <87a6ytlhk3.fsf@codeaurora.org>
MIME-Version: 1.0
List-Id: <ath10k.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/ath10k>,
 <mailto:ath10k-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/ath10k/>
List-Post: <mailto:ath10k@lists.infradead.org>
List-Help: <mailto:ath10k-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/ath10k>,
 <mailto:ath10k-request@lists.infradead.org?subject=subscribe>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Sender: "ath10k" <ath10k-bounces@lists.infradead.org>
Errors-To: ath10k-bounces+kvalo=adurom.com@lists.infradead.org
To: Pali =?utf-8?Q?Roh=C3=A1r?= <pali@kernel.org>
Cc: linux-wireless@vger.kernel.org, ath9k-devel@qca.qualcomm.com, ath10k@lists.infradead.org

UGFsaSBSb2jDoXIgPHBhbGlAa2VybmVsLm9yZz4gd3JpdGVzOgoKPiBFU0VUIGVuZ2luZWVycyBv
biB0aGVpciBibG9nIHB1Ymxpc2hlZCBzb21lIGluZm9ybWF0aW9uIGFib3V0IG5ldwo+IHNlY3Vy
aXR5IHZ1bG5lcmFiaWxpdHkgQ1ZFLTIwMjAtMzcwMiBpbiBhdGg5ayB3aWZpIGNhcmRzOgo+IGh0
dHBzOi8vd3d3LndlbGl2ZXNlY3VyaXR5LmNvbS8yMDIwLzA4LzA2L2JleW9uZC1rcjAway1ldmVu
LW1vcmUtd2lmaS1jaGlwcy12dWxuZXJhYmxlLWVhdmVzZHJvcHBpbmcvCj4KPiBBY2NvcmRpbmcg
dG8gUXVhbGNvbW0gc2VjdXJpdHkgYnVsbGV0aW4gdGhpcyBDVkUtMjAyMC0zNzAyIGFmZmVjdHMg
YWxzbwo+IHNvbWUgUXVhbGNvbW0gSVBRIGNoaXBzIHdoaWNoIGFyZSBoYW5kbGVkIGJ5IGF0aDEw
ayBkcml2ZXI6Cj4gaHR0cHM6Ly93d3cucXVhbGNvbW0uY29tL2NvbXBhbnkvcHJvZHVjdC1zZWN1
cml0eS9idWxsZXRpbnMvYXVndXN0LTIwMjAtc2VjdXJpdHktYnVsbGV0aW4jX2N2ZS0yMDIwLTM3
MDIKCkkgY2FuJ3QgZmluZCBhbnkgcmVmZXJlcmVuY2VzIHRvIGF0aDEwaywgb3IgaGFyZHdhcmUg
d2l0aCBhdGgxMGsKY2hpcHNldHMsIGluIHRoZSBsaW5rcyBhYm92ZS4gV2hlcmUgZGlkIHlvdSBz
ZWUgaXQ/CgotLSAKaHR0cHM6Ly93aXJlbGVzcy53aWtpLmtlcm5lbC5vcmcvZW4vZGV2ZWxvcGVy
cy9kb2N1bWVudGF0aW9uL3N1Ym1pdHRpbmdwYXRjaGVzCgpfX19fX19fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fXwphdGgxMGsgbWFpbGluZyBsaXN0CmF0aDEwa0BsaXN0
cy5pbmZyYWRlYWQub3JnCmh0dHA6Ly9saXN0cy5pbmZyYWRlYWQub3JnL21haWxtYW4vbGlzdGlu
Zm8vYXRoMTBrCg==

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=ru0V=B3=vger.kernel.org=linux-wireless-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.5 required=3.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id F278BC433E1
	for <linux-wireless@archiver.kernel.org>; Mon, 17 Aug 2020 09:59:02 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by mail.kernel.org (Postfix) with ESMTP id CE3F3206FA
	for <linux-wireless@archiver.kernel.org>; Mon, 17 Aug 2020 09:59:02 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=fail reason="signature verification failed" (1024-bit key) header.d=mg.codeaurora.org header.i=@mg.codeaurora.org header.b="ehmn6u/o"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726904AbgHQJ7C (ORCPT
        <rfc822;linux-wireless@archiver.kernel.org>);
        Mon, 17 Aug 2020 05:59:02 -0400
Received: from mail29.static.mailgun.info ([104.130.122.29]:55868 "EHLO
        mail29.static.mailgun.info" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1726366AbgHQJ7B (ORCPT
        <rfc822;linux-wireless@vger.kernel.org>);
        Mon, 17 Aug 2020 05:59:01 -0400
DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=mg.codeaurora.org; q=dns/txt;
 s=smtp; t=1597658341; h=Content-Transfer-Encoding: Content-Type:
 MIME-Version: Message-ID: In-Reply-To: Date: References: Subject: Cc:
 To: From: Sender; bh=r47RPWSXqNT1XWwAvDmNKYquEbOTrGWH9VNHjFO0QdY=; b=ehmn6u/oA1cjexF/hOBHWr6INcW362nJY17CP22nfdvYN8yIR5yjoZriD6JtdmmOiWzzJUr6
 YrASbUNDpQHI90CSyMIrjhgM//dNAncWXRaqhoi3gmkkqkMhLs7wK5iZKNu4G6crZpqY8CkZ
 2MsKZbL9f1ivZOqru2EF0+fOfU4=
X-Mailgun-Sending-Ip: 104.130.122.29
X-Mailgun-Sid: WyI3YTAwOSIsICJsaW51eC13aXJlbGVzc0B2Z2VyLmtlcm5lbC5vcmciLCAiYmU5ZTRhIl0=
Received: from smtp.codeaurora.org
 (ec2-35-166-182-171.us-west-2.compute.amazonaws.com [35.166.182.171]) by
 smtp-out-n05.prod.us-east-1.postgun.com with SMTP id
 5f3a54e161f1d418342a2767 (version=TLS1.2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256); Mon, 17 Aug 2020 09:58:57
 GMT
Received: by smtp.codeaurora.org (Postfix, from userid 1001)
        id 5DA09C433CB; Mon, 17 Aug 2020 09:58:56 +0000 (UTC)
Received: from potku.adurom.net (88-114-240-156.elisa-laajakaista.fi [88.114.240.156])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        (Authenticated sender: kvalo)
        by smtp.codeaurora.org (Postfix) with ESMTPSA id A557CC433CA;
        Mon, 17 Aug 2020 09:58:54 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 smtp.codeaurora.org A557CC433CA
Authentication-Results: aws-us-west-2-caf-mail-1.web.codeaurora.org; dmarc=none (p=none dis=none) header.from=codeaurora.org
Authentication-Results: aws-us-west-2-caf-mail-1.web.codeaurora.org; spf=none smtp.mailfrom=kvalo@codeaurora.org
From:   Kalle Valo <kvalo@codeaurora.org>
To:     Pali =?utf-8?Q?Roh=C3=A1r?= <pali@kernel.org>
Cc:     ath10k@lists.infradead.org, ath9k-devel@qca.qualcomm.com,
        linux-wireless@vger.kernel.org
Subject: Re: CVE-2020-3702: Firmware updates for ath9k and ath10k chips
References: <20200810090126.mtu3uocpcjg5se5e@pali>
Date:   Mon, 17 Aug 2020 12:58:52 +0300
In-Reply-To: <20200810090126.mtu3uocpcjg5se5e@pali> ("Pali \=\?utf-8\?Q\?Roh\?\=
 \=\?utf-8\?Q\?\=C3\=A1r\=22's\?\= message of
        "Mon, 10 Aug 2020 11:01:26 +0200")
Message-ID: <87a6ytlhk3.fsf@codeaurora.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Sender: linux-wireless-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-wireless.vger.kernel.org>
X-Mailing-List: linux-wireless@vger.kernel.org

Pali Roh=C3=A1r <pali@kernel.org> writes:

> ESET engineers on their blog published some information about new
> security vulnerability CVE-2020-3702 in ath9k wifi cards:
> https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chi=
ps-vulnerable-eavesdropping/
>
> According to Qualcomm security bulletin this CVE-2020-3702 affects also
> some Qualcomm IPQ chips which are handled by ath10k driver:
> https://www.qualcomm.com/company/product-security/bulletins/august-2020-s=
ecurity-bulletin#_cve-2020-3702

I can't find any refererences to ath10k, or hardware with ath10k
chipsets, in the links above. Where did you see it?

--=20
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatc=
hes