Vigil@nce - Linux kernel: information disclosure via WiFi
November 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can sniff the WiFi traffic, incompletely encrypted by
the Linux kernel, in order to obtain sensitive information.
Impacted products: Linux
Severity: 1/4
Creation date: 07/11/2014
DESCRIPTION OF THE VULNERABILITY
The Linux kernel can implement encryption for IEEE 8022.11, in the
unusual case the hardware does not provide it.
However, because of an error in the handling of data queued for
sending, the first fragment of a IP packet is not rightly
encrypted and up to 8 bytes are broadcasted as plain text. These
bytes are typically part of the IP header.
An attacker can therefore sniff the WiFi traffic, incompletely
encrypted by the Linux kernel, in order to obtain sensitive
information.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-information-disclosure-via-WiFi-15606