    mac80211: Fix TKIP replay protection immediately after key setup · 6f601265
    Jouni Malinen authored
    TKIP replay protection was skipped for the very first frame received
    after a new key is configured. While this is potentially needed to avoid
    dropping a frame in some cases, this does leave a window for replay
    attacks with group-addressed frames at the station side. Any earlier
    frame sent by the AP using the same key would be accepted as a valid
    frame and the internal RSC would then be updated to the TSC from that
    frame. This would allow multiple previously transmitted group-addressed
    frames to be replayed until the next valid new group-addressed frame
    from the AP is received by the station.
    
    Fix this by limiting the no-replay-protection exception to apply only
    for the case where TSC=0, i.e., when this is for the very first frame
    protected using the new key, and the local RSC had not been set to a
    higher value when configuring the key (which may happen with GTK).
    Signed-off-by: Jouni Malinen <j@w1.fi>
    Link: https://lore.kernel.org/r/20200107153545.10934-1-j@w1.fi
    Signed-off-by: Johannes Berg <johannes.berg@intel.com>
tkip.c 11 KB
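The replay rule before and after this change, as an added example that is not part of the commit or of mac80211's code: the struct layout, function names and the RSC=5 scenario are assumptions modelled on the message above, and the fixed rule enforces a nonzero RSC from key setup even for the first frame.

```c
#include <stdbool.h>
#include <stdint.h>
/* Per-key receive state: a model of the rule described in the commit message,
 * not mac80211's own struct. */
struct tkip_rx {
	bool initialized; /* a valid frame using this key has been received */
	uint32_t iv32;    /* RSC (TSC of the last accepted frame), high 32 bits */
	uint16_t iv16;    /* RSC, low 16 bits */
};
typedef bool (*accept_fn)(struct tkip_rx *, uint32_t, uint16_t);

static bool tsc_le(uint32_t a32, uint16_t a16, uint32_t b32, uint16_t b16)
{
	return a32 < b32 || (a32 == b32 && a16 <= b16);
}

/* Pre-fix rule: the very first frame after key setup skips the replay check,
 * even if the key was configured with a nonzero RSC (possible for a GTK). */
static bool rx_accept_old(struct tkip_rx *rx, uint32_t iv32, uint16_t iv16)
{
	if (rx->initialized && tsc_le(iv32, iv16, rx->iv32, rx->iv16))
		return false; /* replay */
	rx->initialized = true; rx->iv32 = iv32; rx->iv16 = iv16;
	return true;
}

/* Fixed rule: skip the check only while no frame has been accepted yet AND
 * the configured RSC is still 0; a nonzero RSC from key setup is enforced. */
static bool rx_accept_fixed(struct tkip_rx *rx, uint32_t iv32, uint16_t iv16)
{
	bool rsc_zero = rx->iv32 == 0 && rx->iv16 == 0;
	if ((rx->initialized || !rsc_zero) &&
	    tsc_le(iv32, iv16, rx->iv32, rx->iv16))
		return false; /* replay */
	rx->initialized = true; rx->iv32 = iv32; rx->iv16 = iv16;
	return true;
}

/* Constructed scenario from the commit message: GTK installed with RSC=5, two
 * earlier captured group frames (TSC 3, 4) replayed, then the AP's next real
 * frame (TSC 6). Returns how many of the three frames were accepted. */
static int accepted_in_replay_window(accept_fn accept)
{
	struct tkip_rx rx = { .initialized = false, .iv32 = 0, .iv16 = 5 };
	const uint16_t tsc[] = { 3, 4, 6 };
	int n = 0;
	for (unsigned i = 0; i < 3; i++)
		n += accept(&rx, 0, tsc[i]);
	return n;
}
```

With the old rule all three frames pass (the two replays reset the RSC downward); with the fixed rule only the genuine TSC 6 frame is accepted.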