Bug#991968: firmware-brcm80211: security updates for wifi FragAttacks



Package: firmware-brcm80211
Version: 20210315-3
Severity: important
Tags: security
X-Debbugs-Cc: Debian Security Team <team@security.debian.org>


A whole bunch of wifi (protocol-level) security flaws were published
here: https://www.fragattacks.com/

Cypress (AKA Infineon), who maintains some of the broadcom firmware
blobs, published this in response:
https://community.cypress.com/t5/Security-Bulletin/Potential-Fragmentation-Vulnerabilities-for-Wi-Fi-Devices/ba-p/276441

You can see from that that CVE-2020-24587, CVE-2020-24588,
CVE-2020-26145, and CVE-2020-26146 DEFINITELY impact their
wifi chipsets, while CVE-2020-26142 and CVE-2020-26144 MAY impact their
devices.

They have since released updated firmwares to mitigate those security
issues. They appear to already be upstream:
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/log/cypress

https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/cypress?id=f97e316775237ca5d46a4bc0614a3073ebec5a9e

Please provide updated packages for sid and bullseye, if possible (I
understand that non-free doesn't necessarily get security updates). I
don't know if they changed anything else, but I'm happy to test out a
security update package on my Pi 4b (which uses the 43455-sdio blob) if
it's helpful for a bullseye update.

