7.8
CVE-2025-38512
- EPSS 0.15%
- Veröffentlicht 16.08.2025 10:54:54
- Zuletzt bearbeitet 07.01.2026 17:58:51
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
wifi: prevent A-MSDU attacks in mesh networks
In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU spoofing vulnerability for mesh networks. The initial update to the IEEE 802.11 standard, in response to the FragAttacks, missed this case (CVE-2025-27558). It can be considered a variant of CVE-2020-24588 but for mesh networks. This patch tries to detect if a standard MSDU was turned into an A-MSDU by an adversary. This is done by parsing a received A-MSDU as a standard MSDU, calculating the length of the Mesh Control header, and seeing if the 6 bytes after this header equal the start of an rfc1042 header. If equal, this is a strong indication of an ongoing attack attempt. This defense was tested with mac80211_hwsim against a mesh network that uses an empty Mesh Address Extension field, i.e., when four addresses are used, and when using a 12-byte Mesh Address Extension field, i.e., when six addresses are used. Functionality of normal MSDUs and A-MSDUs was also tested, and confirmed working, when using both an empty and 12-byte Mesh Address Extension field. It was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh networks keep being detected and prevented. Note that the vulnerability being patched, and the defense being implemented, was also discussed in the following paper and in the following IEEE 802.11 presentation: https://papers.mathyvanhoef.com/wisec2025.pdf https://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.1.107 < 6.1.146
Linux ≫ Linux Kernel Version >= 6.3 < 6.6.99
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.39
Linux ≫ Linux Kernel Version >= 6.13 < 6.15.7
Linux ≫ Linux Kernel Version6.16 Updaterc1
Linux ≫ Linux Kernel Version6.16 Updaterc2
Linux ≫ Linux Kernel Version6.16 Updaterc3
Linux ≫ Linux Kernel Version6.16 Updaterc4
Linux ≫ Linux Kernel Version6.16 Updaterc5
Debian ≫ Debian Linux Version11.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.043 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
https://git.kernel.org/stable/c/e2c8a3c0388aef6bfc4aabfba07bc7dff16eea80
https://git.kernel.org/stable/c/ec6392061de6681148b63ee6c8744da833498cdd
https://git.kernel.org/stable/c/e01851f6e9a665a6011b14714b271d3e6b0b8d32
https://git.kernel.org/stable/c/6e3b09402cc6c3e3474fa548e8adf6897dda05de
https://git.kernel.org/stable/c/737bb912ebbe4571195c56eba557c4d7315b26fb
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html