|
|
|
|
|
|
by jascii
2309 days ago
|
|
|
> I have a device that used the brcmfmac driver on Linux until today, and am hoping I won't have to shelve it forever. No need to shelve the device, just don't treat WiFi as a "trusted zone" and use better encryption on top of WPA2. You should anyway, and this vulnerability is just another small reason why.
What this vulnerability does -- as I understand it -- is, when a device dissociates with the network, send the rest of the tx buffer with a zero'd out encryption key. And thus leaks a small amount of data. Not good, however if you apply common best practices to your network I wouldn't lose any sleep over it. |
|
|