Linux 5.6 Ships With Broken Intel WiFi Driver After Network Security Fixes Go Awry
For those that are normally spinning their own kernels and punctually upgrading to new releases, you will want to hold off on the new Linux 5.6 kernel for the moment if you use the Intel "IWLWIFI" WiFi driver.
Landing in the kernel right ahead of the Linux 5.6 release were a set of mac80211 security fixes sent in by Intel's Johannes Berg. Those fixes in turn broke the IWLWIFI driver that supports Intel's current wireless chipsets on Linux.
The fixes do not note any particular CVE or offer too much detail. They mention though, "drop data packets if there's no key for them anymore, after there had been one, to avoid sending them in clear when hostapd removes the key before it removes the station and the packets are still queued", "check port authorization again after dequeue, to avoid sending packets if the station is no longer authorized", and other fixes in the name of security.
A networking expert pointed out to Phoronix that the fixes appear to be similar to the recent kr00k vulnerability but for softmac instead of hardmac.
After Linus Torvalds pointed out the lack of clarity over the pull request details, networking subsystem maintainer David Miller pointed out there was a wireless regression but that came after Linus Torvalds already released Linux 5.6.
Those fixes to mac80211 borked the IWLWIFI driver. The fix is simple but missed Linux 5.6. At least though the fix is known and this should be picked up for Linux 5.6.1, so wait a couple of days before trying out the new kernel if you are dependent upon the modern Intel WiFi driver.
Landing in the kernel right ahead of the Linux 5.6 release were a set of mac80211 security fixes sent in by Intel's Johannes Berg. Those fixes in turn broke the IWLWIFI driver that supports Intel's current wireless chipsets on Linux.
The fixes do not note any particular CVE or offer too much detail. They mention though, "drop data packets if there's no key for them anymore, after there had been one, to avoid sending them in clear when hostapd removes the key before it removes the station and the packets are still queued", "check port authorization again after dequeue, to avoid sending packets if the station is no longer authorized", and other fixes in the name of security.
A networking expert pointed out to Phoronix that the fixes appear to be similar to the recent kr00k vulnerability but for softmac instead of hardmac.
After Linus Torvalds pointed out the lack of clarity over the pull request details, networking subsystem maintainer David Miller pointed out there was a wireless regression but that came after Linus Torvalds already released Linux 5.6.
Those fixes to mac80211 borked the IWLWIFI driver. The fix is simple but missed Linux 5.6. At least though the fix is known and this should be picked up for Linux 5.6.1, so wait a couple of days before trying out the new kernel if you are dependent upon the modern Intel WiFi driver.
40 Comments