Pali Rohár <pali@xxxxxxxxxx> writes: > On Monday 10 August 2020 11:01:26 Pali Rohár wrote: >> Hello! >> >> ESET engineers on their blog published some information about new >> security vulnerability CVE-2020-3702 in ath9k wifi cards: >> https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/ >> >> According to Qualcomm security bulletin this CVE-2020-3702 affects also >> some Qualcomm IPQ chips which are handled by ath10k driver: >> https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin#_cve-2020-3702 >> >> Kalle, could you or other people from Qualcomm provide updated and fixed >> version of ath9k and ath10k firmwares in linux-firmware git repository? >> >> According to Qualcomm security bulletin this issue has Critical security >> rating, so I think fixed firmware files should be updated also in stable >> releases of linux distributions. > > Hello! > > Qualcomm has already sent following statement to media: > > Qualcomm has already made mitigations available to OEMs in May 2020, > and we encourage end users to update their devices as patches have > become available from OEMs. > > And based on information from ESET blog post, Qualcomm's proprietary > driver for these wifi cards is fixed since Qualcomm July release. > > Could somebody react and provide some details when fixes would be > available for ath9k and ath10k Linux drivers? And what is current state > of this issue for Linux? > > I'm looking at ath9k and ath10k git trees [1] [2] [3] and I do not see > there any change which could be related to CVE-2020-3702. How about these, from March: a0761a301746 ("mac80211: drop data frames without key on encrypted links") ce2e1ca70307 ("mac80211: Check port authorization in the ieee80211_tx_dequeue() case") b16798f5b907 ("mac80211: mark station unauthorized before key removal") -Toke
