fragattacks/ADVISORIES.md
2021-05-22 13:46:01 +04:00

82 lines
4.7 KiB
Markdown

# Security Advisories / Bulletins linked to FragAttacks
Pull requests with additional links are welcome! Or create an issue on GitHub to request a link to be added.
## A
- [Arista](https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63)
- [Arris](https://arris.secure.force.com/consumers/articles/General_FAQs/FragAttack-Vulnerability)
- [Aruba](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-011.txt)
- [Avm.de](https://en.avm.de/service/current-security-notifications/): Look for "FragAttacks" Wi-Fi vulnerability
## C
- [Cisco](https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-wifi-faf-22epcEWu.html)
- COMMSCOPE/Ruckus: [Overview](https://support.ruckuswireless.com/fragattacks-ruckus-technical-support-response-center), [Link 2](https://www.commscope.com/fragattacks-commscope-ruckus-resource-center/wifi-fragattacks-what-you-need-to-know/), [Link 3](https://www.commscope.com/globalassets/digizuite/916169-faq-security-advisory-id-20210511-v1-0.pdf). Claim that [EAP-TLS](https://www.fragattacks.com/#eaptls) or [802.11w](https://www.fragattacks.com/#mfp) makes attacks harder is incorrect.
- [Cypress](https://community.cypress.com/t5/Security-Bulletin/Potential-Fragmentation-Vulnerabilities-for-Wi-Fi-Devices/ba-p/276441)
- [Cambium Networks](https://www.cambiumnetworks.com/wp-content/uploads/2021/05/2021-1-FragAttacks-05142021.pdf)
## D
- [Dell](https://www.dell.com/support/kbdoc/en-th/000186331/dsa-2021-100-dell-client-platform-security-update-for-intel-wifi-software-vulnerabilitiesdsa-2021-100-dell-client-platform-security-update-for-intel-wifi-software-vulnerabilities)
## E
- [Eero](https://blog.eero.com/fragattacks-fragmentation-aggregation-and-attacks-update-available-for-all-eero-customers/)
- [Extreme Networks](https://extremeportal.force.com/ExtrArticleDetail?an=000095779)
- [Espressif](https://github.com/espressif/esp-idf/issues/7019)
## H
- [Huawei](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20210513-01-fragattacks-en)
## I
- [Intel](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html)
## J
- [Juniper](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST)
## L
- [Lancom](https://www.lancom-systems.com/service-support/instant-help/general-security-information/): look for WLAN vulnerability "Fragattacks" - They provide patches .
- [Lenovo](https://support.lenovo.com/fr/en/product_security/len-57316)
- [Linksys](https://www.linksys.com/gb/support-article?articleNum=246427#ff)
- [Linux Wireless](https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/)
## M
- Microsoft: [CVE-2020-24587](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-24587), [CVE-2020-24588](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-24588), [CVE-2020-26144](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-26144)
- [Mist](https://www.mist.com/documentation/mist-security-advisory-fragattacks-and-faq)
- MikroTik: patches available in [testing release](https://mikrotik.com/download/changelogs/testing-release-tree), look for 6.49beta46 (2021-May-18 07:56).
## N
- [Netgear](https://kb.netgear.com/000063666/Security-Advisory-for-Fragment-and-Forge-vulnerabilities-on-some-WiFi-capable-devices-PSV-2021-0014-PSV-2021-0080)
## R
- Ruckus/COMMSCOPE: [Overview](https://support.ruckuswireless.com/fragattacks-ruckus-technical-support-response-center), [Link 2](https://www.commscope.com/fragattacks-commscope-ruckus-resource-center/wifi-fragattacks-what-you-need-to-know/), [Link 3](https://www.commscope.com/globalassets/digizuite/916169-faq-security-advisory-id-20210511-v1-0.pdf). Claim that [EAP-TLS](https://www.fragattacks.com/#eaptls) or [802.11w](https://www.fragattacks.com/#mfp) makes attacks harder is incorrect.
## S
- [Samsung](https://security.samsungmobile.com/securityUpdate.smsb): Look for SMR-APR-21 & SVE-2021-20775
- [SierraWireless](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-003/)
- [Suse](https://www.suse.com/support/kb/doc/?id=000020244)
- [Synology](https://www.synology.com/en-global/security/advisory/Synology_SA_21_20)
- [Sophos](https://community.sophos.com/b/security-blog/posts/multiple-vulnerabilities-aka-fragattacks-in-wifi-specification)
## T
- [Telekom.com](https://www.telekom.com/en/company/details/fragattack-gap-in-wifi-standard-627006)
## Z
- [Zyxel](https://community.zyxel.com/en/discussion/10655/zyxel-security-advisory-for-fragattacks-against-wifi-products)
## Other Overviews
- [ICASI](https://www.icasi.org/aggregation-fragmentation-attacks-against-wifi/)
- [Wi-Fi Alliance](https://www.wi-fi.org/security-update-fragmentation)