freebsd-dev/sys/net80211
Mathy Vanhoef ffc19cf52d net80211: prevent plaintext injection by A-MSDU RFC1042/EAPOL frames
No longer accept plaintext A-MSDU frames that start with an RFC1042
header with EtherType EAPOL.  This is done by only accepting EAPOL
packets that are included in non-aggregated 802.11 frames.

Note that before this patch, FreeBSD also only accepted EAPOL frames
that are sent in a non-aggregated 802.11 frame due to bugs in
processing EAPOL packets inside A-MSDUs. In other words,
compatibility with legitimate devices remains the same.

This relates to section 6.5 in the 2021 Usenix "FragAttacks" (Fragment
and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation)
paper.

Submitted by:	Mathy Vanhoef (Mathy.Vanhoef kuleuven.be)
Security:	CVE-2020-26144
PR:		256120
MFC after:	7 days
Differential Revision: https://reviews.freebsd.org/D30665
2021-09-30 14:54:04 +00:00
_ieee80211.h net80211: rx_stats add 160Mhz channel width. 2021-02-28 19:24:22 +00:00
ieee80211_acl.c
ieee80211_action.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_action.h
ieee80211_adhoc.c net80211: prevent plaintext injection by A-MSDU RFC1042/EAPOL frames 2021-09-30 14:54:04 +00:00
ieee80211_adhoc.h
ieee80211_ageq.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_ageq.h
ieee80211_alq.c Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (7 of many) 2020-02-21 16:32:17 +00:00
ieee80211_alq.h
ieee80211_amrr.c Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (7 of many) 2020-02-21 16:32:17 +00:00
ieee80211_amrr.h
ieee80211_crypto_ccmp.c
ieee80211_crypto_none.c
ieee80211_crypto_tkip.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_crypto_wep.c net80211: prefix get_random_bytes() with net80211_ 2021-03-24 22:16:09 +00:00
ieee80211_crypto.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_crypto.h
ieee80211_ddb.c [net80211] Migrate HT/legacy protection mode and preamble calculation to per-VAP flags 2020-07-01 00:23:49 +00:00
ieee80211_dfs.c net80211: prefix get_random_bytes() with net80211_ 2021-03-24 22:16:09 +00:00
ieee80211_dfs.h
ieee80211_freebsd.c net80211: prefix get_random_bytes() with net80211_ 2021-03-24 22:16:09 +00:00
ieee80211_freebsd.h net80211: prefix get_random_bytes() with net80211_ 2021-03-24 22:16:09 +00:00
ieee80211_hostap.c net80211: prevent plaintext injection by A-MSDU RFC1042/EAPOL frames 2021-09-30 14:54:04 +00:00
ieee80211_hostap.h
ieee80211_ht.c Provide MS() and SM() macros for 80211 and wireless drivers. 2020-09-24 10:57:39 +00:00
ieee80211_ht.h [net80211] Commit files missing in the previous commit 2020-07-01 00:24:55 +00:00
ieee80211_hwmp.c net80211(4): Fix a few common typos in source code comments 2021-09-25 13:57:41 +02:00
ieee80211_input.c net80211: mitigation against A-MSDU design flaw 2021-09-30 14:50:45 +00:00
ieee80211_input.h net80211: mitigation against A-MSDU design flaw 2021-09-30 14:50:45 +00:00
ieee80211_ioctl.c net80211: factor out the priv(9) checks into OS specific code. 2020-10-18 21:34:04 +00:00
ieee80211_ioctl.h net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_mesh.c net80211: reject mixed plaintext/encrypted fragments 2021-09-30 14:47:41 +00:00
ieee80211_mesh.h Remove "All Rights Reserved" from FreeBSD Foundation sys/ copyrights 2021-08-08 10:42:24 -04:00
ieee80211_monitor.c
ieee80211_monitor.h
ieee80211_node.c net80211(4): Fix a few common typos in source code comments 2021-09-25 13:57:41 +02:00
ieee80211_node.h 80211: non-functional changes 2020-10-07 21:56:58 +00:00
ieee80211_output.c net80211: comments and whitespace 2021-09-04 09:16:25 +00:00
ieee80211_phy.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_phy.h [net80211] Migrate short slot time configuration into per-vap and deferred taskqueue updates. 2020-06-05 06:21:23 +00:00
ieee80211_power.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_power.h
ieee80211_proto.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_proto.h net80211: split up ieee80211_probereq() 2021-03-18 11:02:45 +00:00
ieee80211_radiotap.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_radiotap.h net80211/LinuxKPI: add more radiotap definitions 2021-06-05 16:21:49 +00:00
ieee80211_ratectl_none.c
ieee80211_ratectl.c
ieee80211_ratectl.h net80211: ratectl header guard against multiple inclusions 2021-03-07 17:35:58 +00:00
ieee80211_regdomain.c net80211: update for (more) VHT160 support 2020-10-18 00:27:20 +00:00
ieee80211_regdomain.h
ieee80211_rssadapt.c Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (7 of many) 2020-02-21 16:32:17 +00:00
ieee80211_rssadapt.h
ieee80211_scan_sta.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_scan_sw.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_scan_sw.h
ieee80211_scan.c net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_scan.h
ieee80211_sta.c net80211: prevent plaintext injection by A-MSDU RFC1042/EAPOL frames 2021-09-30 14:54:04 +00:00
ieee80211_sta.h [net80211] Add initial U-APSD negotiation support. 2020-06-16 00:27:32 +00:00
ieee80211_superg.c Provide MS() and SM() macros for 80211 and wireless drivers. 2020-09-24 10:57:39 +00:00
ieee80211_superg.h
ieee80211_tdma.c
ieee80211_tdma.h net: clean up empty lines in .c and .h files 2020-09-01 21:19:14 +00:00
ieee80211_var.h net80211: add func/line information to IEEE80211_DISCARD* macros 2021-09-04 09:24:51 +00:00
ieee80211_vht.c net80211: update for (more) VHT160 support 2020-10-18 00:27:20 +00:00
ieee80211_vht.h [net80211] Commit files missing in the previous commit 2020-07-01 00:24:55 +00:00
ieee80211_wds.c net80211: prevent plaintext injection by A-MSDU RFC1042/EAPOL frames 2021-09-30 14:54:04 +00:00
ieee80211_wds.h
ieee80211_wps.h
ieee80211_xauth.c
ieee80211.c net80211: update for (more) VHT160 support 2020-10-18 00:27:20 +00:00
ieee80211.h net80211: update for (more) VHT160 support 2020-10-18 00:27:20 +00:00