b43 contains the following code (with - because I copied it from a patch I have that removes it): - if (skb->data[wlhdr_len + 3] & (1 << 5)) { - /* The Ext-IV Bit is set in the "KeyID" - * octet of the IV. - */ - iv_len = 8; - icv_len = 8; - } else { - iv_len = 4; - icv_len = 4; - } - if (unlikely(skb->len < (wlhdr_len + iv_len + icv_len))) { - b43dbg(dev->wl, - "RX: Packet size underrun (4)\n"); - goto drop; - } - /* Remove the IV */ - memmove(skb->data + iv_len, skb->data, wlhdr_len); - skb_pull(skb, iv_len); - /* Remove the ICV */ - skb_trim(skb, skb->len - icv_len); This means that it is vulnerable to CCMP replay attacks when hardware crypto is used because the hardware doesn't verify the CCMP PN and mac80211 cannot. The patch quoted above fixes this but does a bunch of changes in mac80211 too and needs to get some review. I hope we can get to that before 2.6.24 so that b43 can finally go mainline. johannes
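Review bot: the underrun check on `skb->len < (wlhdr_len + iv_len + icv_len)` goes away together with the IV/ICV stripping, so the driver no longer guarantees that a full IV and ICV are present when the frame is handed up. Please confirm that the mac80211 side of the patch checks the length before it reads the PN, or keep the check here and drop only the `memmove`/`skb_pull`/`skb_trim` lines. A short comment at this spot saying that the IV is now left in the frame so that the CCMP PN can be verified would also help the next reader.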
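The PN check that the message says is missing when the driver strips the IV, as an added example that is not b43 or mac80211 code. The names `rx_key_state`, `ccmp_get_pn`, `ccmp_rx_check` and `rx_sample` are hypothetical, the sample frame is constructed, and the MIC is assumed to have been verified by the hardware already.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CCMP_HDR_LEN 8
#define CCMP_MIC_LEN 8
#define EXT_IV_BIT (1u << 5) /* in the KeyID octet, byte 3 of the header */

/* Hypothetical receive state; a real stack keeps one counter per key and TID. */
struct rx_key_state { uint64_t last_pn; };

/* Store the 48-bit PN; return -1 if the frame is short or Ext-IV is clear. */
static int ccmp_get_pn(const uint8_t *f, size_t len, size_t wlhdr_len, uint64_t *pn)
{
    const uint8_t *h;

    if (len < wlhdr_len + CCMP_HDR_LEN + CCMP_MIC_LEN)
        return -1;
    h = f + wlhdr_len;
    if (!(h[3] & EXT_IV_BIT))
        return -1;
    /* Header layout: PN0 PN1 rsvd KeyID PN2 PN3 PN4 PN5 */
    *pn = (uint64_t)h[0] | (uint64_t)h[1] << 8 | (uint64_t)h[4] << 16 |
          (uint64_t)h[5] << 24 | (uint64_t)h[6] << 32 | (uint64_t)h[7] << 40;
    return 0;
}

/* 1 = accept, 0 = drop. Assumes the hardware already verified the MIC. */
static int ccmp_rx_check(struct rx_key_state *st, const uint8_t *f, size_t len, size_t wlhdr_len)
{
    uint64_t pn;

    if (ccmp_get_pn(f, len, wlhdr_len, &pn) < 0 || pn <= st->last_pn)
        return 0; /* malformed, or PN not strictly increasing: replay */
    st->last_pn = pn;
    return 1;
}

/* Constructed frame: 24-byte header, CCMP header with PN = pn0, zeroed body and MIC. */
static int rx_sample(struct rx_key_state *st, uint8_t pn0, size_t len)
{
    uint8_t f[24 + CCMP_HDR_LEN + 4 + CCMP_MIC_LEN];

    memset(f, 0, sizeof(f));
    f[24] = pn0;
    f[24 + 3] = EXT_IV_BIT;
    return ccmp_rx_check(st, f, len, 24);
}
```

Once the IV has been removed from the frame as in the quoted lines, `ccmp_get_pn` has nothing left to read, which is why the check cannot run above the driver.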