[PATCH 0/2] RSN: Validate GTK KDE lengths before msg 4/4
Jouni Malinen
j at w1.fi
Wed May 20 02:20:52 PDT 2026
On Tue, May 12, 2026 at 09:15:56PM +0800, Chung-Hsien Hsu wrote:
> Validate GTK KDE lengths in EAPOL-Key message 3/4 before transmitting
> message 4/4.
>
> The GTK KDE length is already checked when processing the GTK for
> installation. However, that validation is reached only after message 4/4
> has been transmitted. This allows a malformed message 3/4 with an
> invalid GTK KDE length to be acknowledged even though the supplicant
> later rejects the GTK and fails the handshake.
>
> This series splits the early validation into non-MLO and MLO changes.
>
> Chung-Hsien Hsu (2):
> RSN: Reject invalid GTK KDE length in msg 3/4
> RSN: Reject invalid MLO GTK KDE length in msg 3/4
Thanks, applied with some cleanup.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list