>> Section 3.6 of https://papers.mathyvanhoef.com/usenix2021.pdf briefly >> discusses the wrong behavior of Linux 4.9+ that this patch tries to fix: >> "Linux 4.9 and above .. strip away the first 8 bytes of an A-MSDU frame >> if these bytes look like a valid LLC/SNAP header, and then further >> process the frame. This behavior is not compliant with the 802.11 standard." >> > > How about linux 4.9 below, are they compliant with 802.11 standard or not? They are compliant. > Would they need additional patches to mitigate the aggregation attack? They need the backport of "[PATCH 04/18] cfg80211: mitigate A-MSDU aggregation attacks" to mitigate attacks. This patch has been backported to 4.4: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.4.275&id=daea7ff51861cec93ff7f561095d9048b673b51f So if you take all the patches that have been backported to 4.4 you should be OK. Cheers, Mathy
