CVE-2013-4579
CVE-2013-4579
The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/38826unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729573https://lists.ath9k.org/pipermail/ath9k-devel/2013-November/012215.htmlhttp://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.htmlhttp://www.openwall.com/lists/oss-security/2013/11/15/3http://www.ubuntu.com/usn/USN-2113-1http://www.ubuntu.com/usn/USN-2117-1http://www.ubuntu.com/usn/USN-2133-1http://www.ubuntu.com/usn/USN-2134-1http://www.ubuntu.com/usn/USN-2135-1http://www.ubuntu.com/usn/USN-2136-1http://www.ubuntu.com/usn/USN-2138-1http://www.ubuntu.com/usn/USN-2139-1