From: "Pali Rohár" <pali@kernel.org>
To: Kalle Valo <kvalo@codeaurora.org>
Cc: ath10k@lists.infradead.org, ath9k-devel@qca.qualcomm.com,
linux-wireless@vger.kernel.org
Subject: Re: CVE-2020-3702: Firmware updates for ath9k and ath10k chips
Date: Mon, 17 Aug 2020 12:36:05 +0200 [thread overview]
Message-ID: <20200817103605.qgwfbpz75ssuem7c@pali> (raw)
In-Reply-To: <87a6ytlhk3.fsf@codeaurora.org>
On Monday 17 August 2020 12:58:52 Kalle Valo wrote:
> Pali Rohár <pali@kernel.org> writes:
>
> > ESET engineers on their blog published some information about new
> > security vulnerability CVE-2020-3702 in ath9k wifi cards:
> > https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/
> >
> > According to Qualcomm security bulletin this CVE-2020-3702 affects also
> > some Qualcomm IPQ chips which are handled by ath10k driver:
> > https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin#_cve-2020-3702
>
> I can't find any refererences to ath10k, or hardware with ath10k
> chipsets, in the links above. Where did you see it?
Now I'm looking at that security bulletin for CVE-2020-3702 and it
contains different list of affected chipset as at time when I wrote
previous email. Previously there were IPQ ath10k chipsets and no AR
chipsets. Now there are lot of ath9k AR9xxx and none of IPQ.
So meanwhile Qualcomm changed vulnerability list.
prev parent reply other threads:[~2020-08-17 10:36 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-10 9:01 CVE-2020-3702: Firmware updates for ath9k and ath10k chips Pali Rohár
2020-08-12 8:36 ` Pali Rohár
2020-08-12 9:17 ` Toke Høiland-Jørgensen
2020-08-12 9:23 ` Jouni Malinen
2020-08-12 9:32 ` Michał Kazior
2020-10-07 8:25 ` Pali Rohár
2020-12-07 14:04 ` Pali Rohár
2020-12-14 17:41 ` Jouni Malinen
2020-12-17 9:35 ` Pali Rohár
2020-08-12 9:31 ` Pali Rohár
2020-08-17 9:58 ` Kalle Valo
2020-08-17 10:36 ` Pali Rohár [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200817103605.qgwfbpz75ssuem7c@pali \
--to=pali@kernel.org \
--cc=ath10k@lists.infradead.org \
--cc=ath9k-devel@qca.qualcomm.com \
--cc=kvalo@codeaurora.org \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).