Bug#991968: marked as done (firmware-brcm80211: security updates for wifi FragAttacks)

To: maximilian attems <maks@stro.at>
Subject: Bug#991968: marked as done (firmware-brcm80211: security updates for wifi FragAttacks)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Wed, 25 Aug 2021 12:45:03 +0000
Message-id: <[🔎] handler.991968.D991968.162989540425879.ackdone@bugs.debian.org>
Reply-to: 991968@bugs.debian.org
References: <YSY5rMnWmfbX5gZd@photino.stro.at> <[🔎] 20210806153822.3eb6a1f8@e7470.queued.net>

Your message dated Wed, 25 Aug 2021 14:38:04 +0200
with message-id <YSY5rMnWmfbX5gZd@photino.stro.at>
and subject line Re: firmware-brcm80211: security updates for wifi FragAttacks
has caused the Debian Bug report #991968,
regarding firmware-brcm80211: security updates for wifi FragAttacks
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
991968: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991968
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: firmware-brcm80211: security updates for wifi FragAttacks
From: Andres Salomon <dilinger@queued.net>
Date: Fri, 6 Aug 2021 15:38:22 -0400
Message-id: <[🔎] 20210806153822.3eb6a1f8@e7470.queued.net>

Package: firmware-brcm80211
Version: 20210315-3
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <team@security.debian.org>


A whole bunch of wifi (protocol-level) security flaws were published
here: https://www.fragattacks.com/

Cypress (AKA Infineon), who maintains some of the broadcom firmware
blobs, published this in response:
https://community.cypress.com/t5/Security-Bulletin/Potential-Fragmentation-Vulnerabilities-for-Wi-Fi-Devices/ba-p/276441

You can see from that that CVE-2020-24587, CVE-2020-24588,
CVE-2020-26145, and CVE-2020-26146 DEFINITELY impact their
wifi chipsets, while CVE-2020-26142 and CVE-2020-26144 MAY impact their
devices.

They have since released updated firmwares to mitigate those security
issues. They appear to already be upstream:
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/log/cypress

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/cypress?id=f97e316775237ca5d46a4bc0614a3073ebec5a9e

Please provided updated packages for sid and bullseye, if possible (I
understand that non-free doesn't necessarily get security updates). I
don't know if they changed anything else, but I'm happy to test out a
security update package on my Pi 4b (which uses the 43455-sdio blob) if
it's helpful for a bullseye update.

--- End Message ---

--- Begin Message ---

To: 991968-done@bugs.debian.org

Subject: Re: firmware-brcm80211: security updates for wifi FragAttacks

From: maximilian attems <maks@stro.at>

Date: Wed, 25 Aug 2021 14:38:04 +0200

Message-id: <YSY5rMnWmfbX5gZd@photino.stro.at>
Version: 20210818-1

includes the fixes that went into 20210716 for cypress sec.

Once this firmware sees more real world usage (testing && backports),
it might be interesting to package it for bullseye update.

thank you for the report.

-- 
maks
Attachment: signature.asc
Description: PGP signature

--- End Message ---

Reply to:

References:
- Bug#991968: firmware-brcm80211: security updates for wifi FragAttacks
  - From: Andres Salomon <dilinger@queued.net>

Prev by Date: Bug#992939: linux-image-5.13.0-trunk: 5.13.0-trunk: Freeze on booting with "iommu.passthrough=1" .
Next by Date: Bug#989087: rtw_8822ce: firmware crash
Previous by thread: Bug#991968: firmware-brcm80211: security updates for wifi FragAttacks
Next by thread: Processing of linux_5.10.46-4~bpo10+1_source.changes
Index(es):
- Date
- Thread