[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dumpsterfire
Subject:    [Dumpsterfire] relatively small effect
From:       leftystrat1 () gmail ! com (lefty)
Date:       2020-02-27 15:07:09
Message-ID: 4ca150b7-4d06-93d5-1496-6c37f81ede38 () gmail ! com
[Download RAW message or body]

CVE-2019-15126  dubbed KrOOk, could affect north of a billion devices.

https://thehackernews.com/2020/02/kr00k-wifi-encryption-flaw.html

The attack relies on the fact that when a device suddenly gets 
disconnected from the wireless network, the Wi-Fi chip clears the 
session key in the memory and set it to zero, but the chip inadvertently 
transmits all data frames left in the buffer with an all-zero encryption 
key even after the disassociation.

[prev in list] [next in list] [prev in thread] [next in thread]