Security notice: Kr00k - vulnerability in Wi-Fi chips by Broadcom and Cypress (CVE-2019-15126)

Dear Turris users,

Recently, there were revealed details about the security vulnerability in Wi-Fi chips made by Broadcom and Cypress. It is known as Kr00k (CVE-2019-15126).

This vulnerability affects some FullMAC Wi-Fi chips from Broadcom and Cypress. Those are usually used in a lot of amount of devices like notebooks, smart-phones, tablets, e-readers and including some SBC. It allows unauthorized decryption of wireless network packets sent over WPA2 with CCMP.

There is no simple way to check if the device or wireless access point is vulnerable. In the future, there should be developed tools to detect vulnerable devices.

Our routers in default configurations are not affected by this security issue as we are using SoftMAC chips, which are not affected. In Turris 1.x and Turris Omnia routers, there are used Wi-Fi chips from Qualcomm Atheros manufacturer. In Turris MOX, there is used also Wi-Fi chip from Marvell.

Some users might be using FullMAC chips in mini PCIe slots or in USB ports Wi-Fi chips from affected vendors.

We are investigating this issue.