Vulnerability: MAC Address Spoofing via BSSID Masking in ath9k_htc_set_bssid_mask Function

Vulnerability: MAC Address Spoofing via BSSID Masking in ath9k_htc_set_bssid_mask Function

CVE-2013-4579 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.