From: Jouni Malinen <j@w1.fi>
To: "Toke Høiland-Jørgensen" <toke@redhat.com>
Cc: "Pali Rohár" <pali@kernel.org>,
ath10k@lists.infradead.org, ath9k-devel@qca.qualcomm.com,
linux-wireless@vger.kernel.org,
"Kalle Valo" <kvalo@codeaurora.org>
Subject: Re: CVE-2020-3702: Firmware updates for ath9k and ath10k chips
Date: Wed, 12 Aug 2020 12:23:34 +0300 [thread overview]
Message-ID: <20200812092334.GA17878@w1.fi> (raw)
In-Reply-To: <87lfik1av8.fsf@toke.dk>
On Wed, Aug 12, 2020 at 11:17:47AM +0200, Toke Høiland-Jørgensen wrote:
> Pali Rohár <pali@kernel.org> writes:
> > Could somebody react and provide some details when fixes would be
> > available for ath9k and ath10k Linux drivers? And what is current state
> > of this issue for Linux?
> >
> > I'm looking at ath9k and ath10k git trees [1] [2] [3] and I do not see
> > there any change which could be related to CVE-2020-3702.
>
> How about these, from March:
>
> a0761a301746 ("mac80211: drop data frames without key on encrypted links")
> ce2e1ca70307 ("mac80211: Check port authorization in the ieee80211_tx_dequeue() case")
> b16798f5b907 ("mac80211: mark station unauthorized before key removal")
Those cover most of the identified issues for drivers using mac80211
(e.g., ath9k and ath10k; though, I don't remember whether I actually
ever managed to reproduce this with ath10k in practice). I have couple
of additional ath9k-specific patches that cover additional lower layer
paths for this. I hope to get those out after confirming they work with
the current kernel tree snapshot.
--
Jouni Malinen PGP id EFC895FA
next prev parent reply other threads:[~2020-08-12 9:25 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-10 9:01 CVE-2020-3702: Firmware updates for ath9k and ath10k chips Pali Rohár
2020-08-12 8:36 ` Pali Rohár
2020-08-12 9:17 ` Toke Høiland-Jørgensen
2020-08-12 9:23 ` Jouni Malinen [this message]
2020-08-12 9:32 ` Michał Kazior
2020-10-07 8:25 ` Pali Rohár
2020-12-07 14:04 ` Pali Rohár
2020-12-14 17:41 ` Jouni Malinen
2020-12-17 9:35 ` Pali Rohár
2020-08-12 9:31 ` Pali Rohár
2020-08-17 9:58 ` Kalle Valo
2020-08-17 10:36 ` Pali Rohár
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200812092334.GA17878@w1.fi \
--to=j@w1.fi \
--cc=ath10k@lists.infradead.org \
--cc=ath9k-devel@qca.qualcomm.com \
--cc=kvalo@codeaurora.org \
--cc=linux-wireless@vger.kernel.org \
--cc=pali@kernel.org \
--cc=toke@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).