Date: Thu, 7 Sep 2023 04:28:57 GMT From: Philip Paeps <philip@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 735c6710d8ae - main - security/vuxml: add FreeBSD SA-2023:11.wifi Message-ID: <202309070428.3874SvaU072118@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by philip: URL: https://cgit.FreeBSD.org/ports/commit/?id=735c6710d8ae5598ce9dcd1faeec818ff035cd54 commit 735c6710d8ae5598ce9dcd1faeec818ff035cd54 Author: Philip Paeps <philip@FreeBSD.org> AuthorDate: 2023-09-07 04:28:14 +0000 Commit: Philip Paeps <philip@FreeBSD.org> CommitDate: 2023-09-07 04:28:14 +0000 security/vuxml: add FreeBSD SA-2023:11.wifi --- security/vuxml/vuln/2023.xml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 906e7e7f06b3..abf0da2dff8c 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,38 @@ + <vuln vid="924cb116-4d35-11ee-8e38-002590c1f29c"> + <topic>FreeBSD -- Wi-Fi encryption bypass</topic> + <affects> + <package> + <name>FreeBSD-kernel</name> + <range><ge>13.2</ge><lt>13.2_3</lt></range> + <range><ge>12.4</ge><lt>12.4_5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <h1>Problem Description:</h1> + <p>The net80211 subsystem would fallback to the multicast key for unicast + traffic in the event the unicast key was removed. This would result in + buffered unicast traffic being exposed to any stations with access to the + multicast key.</p> + <h1>Impact:</h1> + <p>As described in the "Framing Frames: Bypassing Wi-Fi Encryption by + Manipulating Transmit Queues" paper, an attacker can induce an access point + to buffer frames for a client, deauthenticate the client (causing the unicast + key to be removed from the access point), and subsequent flushing of the + buffered frames now encrypted with the multicast key. This would give the + attacker access to the data.</p> + </body> + </description> + <references> + <cvename>CVE-2022-47522</cvename> + <freebsdsa>SA-23:11.wifi</freebsdsa> + </references> + <dates> + <discovery>2023-09-06</discovery> + <entry>2023-09-07</entry> + </dates> + </vuln> + <vuln vid="d35373ae-4d34-11ee-8e38-002590c1f29c"> <topic>FreeBSD -- pf incorrectly handles multiple IPv6 fragment headers</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202309070428.3874SvaU072118>