CVE-2020-3702: Firmware updates for ath9k and ath10k chips
Pali Rohár
pali at kernel.org
Mon Dec 7 09:04:38 EST 2020
On Wednesday 07 October 2020 10:25:02 Pali Rohár wrote:
> On Wednesday 12 August 2020 12:23:34 Jouni Malinen wrote:
> > On Wed, Aug 12, 2020 at 11:17:47AM +0200, Toke Høiland-Jørgensen wrote:
> > > Pali Rohár <pali at kernel.org> writes:
> > > > Could somebody react and provide some details when fixes would be
> > > > available for ath9k and ath10k Linux drivers? And what is current state
> > > > of this issue for Linux?
> > > >
> > > > I'm looking at ath9k and ath10k git trees [1] [2] [3] and I do not see
> > > > there any change which could be related to CVE-2020-3702.
> > >
> > > How about these, from March:
> > >
> > > a0761a301746 ("mac80211: drop data frames without key on encrypted links")
> > > ce2e1ca70307 ("mac80211: Check port authorization in the ieee80211_tx_dequeue() case")
> > > b16798f5b907 ("mac80211: mark station unauthorized before key removal")
> >
> > Those cover most of the identified issues for drivers using mac80211
> > (e.g., ath9k and ath10k; though, I don't remember whether I actually
> > ever managed to reproduce this with ath10k in practice). I have couple
> > of additional ath9k-specific patches that cover additional lower layer
> > paths for this. I hope to get those out after confirming they work with
> > the current kernel tree snapshot.
>
> Hello! Could you please share your ath9k patches which address this issue?
Hello! Has somebody fixes this security issue in ath9k driver? About
4 months passed and if this issue is not fixed, could you please share
at least incomplete / WIP patches? I would like to look at it and have
this issue finally fixed.
More information about the ath10k
mailing list