CVE-2020-3702: Firmware updates for ath9k and ath10k chips

Toke Høiland-Jørgensen toke at
Wed Aug 12 05:17:47 EDT 2020

Pali Rohár <pali at> writes:

> On Monday 10 August 2020 11:01:26 Pali Rohár wrote:
>> Hello!
>> ESET engineers on their blog published some information about new
>> security vulnerability CVE-2020-3702 in ath9k wifi cards:
>> According to Qualcomm security bulletin this CVE-2020-3702 affects also
>> some Qualcomm IPQ chips which are handled by ath10k driver:
>> Kalle, could you or other people from Qualcomm provide updated and fixed
>> version of ath9k and ath10k firmwares in linux-firmware git repository?
>> According to Qualcomm security bulletin this issue has Critical security
>> rating, so I think fixed firmware files should be updated also in stable
>> releases of linux distributions.
> Hello!
> Qualcomm has already sent following statement to media:
>     Qualcomm has already made mitigations available to OEMs in May 2020,
>     and we encourage end users to update their devices as patches have
>     become available from OEMs.
> And based on information from ESET blog post, Qualcomm's proprietary
> driver for these wifi cards is fixed since Qualcomm July release.
> Could somebody react and provide some details when fixes would be
> available for ath9k and ath10k Linux drivers? And what is current state
> of this issue for Linux?
> I'm looking at ath9k and ath10k git trees [1] [2] [3] and I do not see
> there any change which could be related to CVE-2020-3702.

How about these, from March:

a0761a301746 ("mac80211: drop data frames without key on encrypted links")
ce2e1ca70307 ("mac80211: Check port authorization in the ieee80211_tx_dequeue() case")
b16798f5b907 ("mac80211: mark station unauthorized before key removal")


More information about the ath10k mailing list