ghsa-v4p7-4gcw-hc4c
Vulnerability from github
Published
2022-05-17 04:49
Modified
2022-05-17 04:49
Details
The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations.
{ "affected": [], "aliases": [ "CVE-2013-4579" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2013-11-20T13:19:00Z", "severity": "MODERATE" }, "details": "The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations.", "id": "GHSA-v4p7-4gcw-hc4c", "modified": "2022-05-17T04:49:30Z", "published": "2022-05-17T04:49:30Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4579" }, { "type": "WEB", "url": "https://lists.ath9k.org/pipermail/ath9k-devel/2013-November/012215.html" }, { "type": "WEB", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729573" }, { "type": "WEB", "url": "http://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.html" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2013/11/15/3" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2113-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2117-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2133-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2134-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2135-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2136-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2138-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2139-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2141-1" } ], "schema_version": "1.4.0", "severity": [] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.