7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
29.5%
Problem Description:
The net80211 subsystem would fallback to the multicast key for unicast
traffic in the event the unicast key was removed. This would result in
buffered unicast traffic being exposed to any stations with access to the
multicast key.
Impact:
As described in the “Framing Frames: Bypassing Wi-Fi Encryption by
Manipulating Transmit Queues” paper, an attacker can induce an access point
to buffer frames for a client, deauthenticate the client (causing the unicast
key to be removed from the access point), and subsequent flushing of the
buffered frames now encrypted with the multicast key. This would give the
attacker access to the data.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | freebsd-kernel | = 13.2 | UNKNOWN |
FreeBSD | any | noarch | freebsd-kernel | < 13.2_3 | UNKNOWN |
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
29.5%