lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160609225758.GC19309@localhost>
Date:	Thu, 9 Jun 2016 17:57:58 -0500
From:	Bjorn Helgaas <helgaas@...nel.org>
To:	Lukas Wunner <lukas@...ner.de>
Cc:	x86@...nel.org, linux-kernel@...r.kernel.org,
	Chris Milsted <cmilsted@...hat.com>,
	Matthew Garrett <mjg59@...f.ucam.org>,
	Andi Kleen <ak@...ux.intel.com>, Michael Buesch <m@...s.ch>,
	Bjorn Helgaas <bhelgaas@...gle.com>,
	Matt Fleming <matt@...eblueprint.co.uk>,
	Konstantin Simanov <k.simanov@...k.ru>,
	Bryan Paradis <bryan.paradis@...il.com>,
	Andrew Worsley <amworsley@...il.com>,
	Chris Bainbridge <chris.bainbridge@...il.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-pci@...r.kernel.org, linux-wireless@...r.kernel.org,
	b43-dev@...ts.infradead.org, zajec5@...il.com
Subject: Re: [PATCH] x86: Add early quirk to reset Apple AirPort card

On Sun, May 29, 2016 at 01:35:28AM +0200, Lukas Wunner wrote:
> The EFI firmware on Macs contains a full-fledged network stack for
> downloading OS X images from osrecovery.apple.com. Unfortunately
> on Macs introduced 2011 and 2012, EFI brings up the Broadcom 4331
> wireless card on every boot and leaves it enabled even after
> ExitBootServices has been called. The card continues to assert its IRQ
> line, causing spurious interrupts if the IRQ is shared. It also corrupts
> memory by DMAing received packets, allowing for remote code execution
> over the air. This only stops when a driver is loaded for the wireless
> card, which may be never if the driver is not installed or blacklisted.
> ...

> Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=79301
> Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=111781
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=728916
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=895951#c16
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1009819
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1098621
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1149632#c5
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1279130
> Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1332732

I think I saw mail about this being applied via the x86 tree.  Let me
know if I need to do anything more here.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ