lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Feb 2016 04:28:03 -0500 (EST) From: David Miller <davem@...emloft.net> To: johannes@...solutions.net Cc: linux-wireless@...r.kernel.org, netdev@...r.kernel.org, ja@....bg, johannes.berg@...el.com Subject: Re: [PATCH v3 3/4] ipv6: add option to drop unicast encapsulated in L2 multicast From: Johannes Berg <johannes@...solutions.net> Date: Thu, 4 Feb 2016 13:31:19 +0100 > From: Johannes Berg <johannes.berg@...el.com> > > In order to solve a problem with 802.11, the so-called hole-196 attack, > add an option (sysctl) called "drop_unicast_in_l2_multicast" which, if > enabled, causes the stack to drop IPv6 unicast packets encapsulated in > link-layer multi- or broadcast frames. Such frames can (as an attack) > be created by any member of the same wireless network and transmitted > as valid encrypted frames since the symmetric key for broadcast frames > is shared between all stations. > > Reviewed-by: Julian Anastasov <ja@....bg> > Signed-off-by: Johannes Berg <johannes.berg@...el.com> Applied.
Powered by blists - more mailing lists