The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading Wi-Fi frames.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Linux_kernel | Linux | * | 2.6.36.4 (including) |
| Linux_kernel | Linux | 2.6.36.1 (including) | 2.6.36.1 (including) |
| Linux_kernel | Linux | 2.6.36.2 (including) | 2.6.36.2 (including) |
| Linux_kernel | Linux | 2.6.36.3 (including) | 2.6.36.3 (including) |
| MRG for RHEL-5 | RedHat | kernel-rt-0:2.6.33.7-rt29.55.el5rt | * |
| Red Hat Enterprise Linux 6 | RedHat | kernel-0:2.6.32-71.24.1.el6 | * |
| Linux | Ubuntu | lucid | * |
| Linux | Ubuntu | maverick | * |
| Linux | Ubuntu | upstream | * |
| Linux-armadaxp | Ubuntu | upstream | * |
| Linux-ec2 | Ubuntu | lucid | * |
| Linux-ec2 | Ubuntu | maverick | * |
| Linux-ec2 | Ubuntu | upstream | * |
| Linux-fsl-imx51 | Ubuntu | upstream | * |
| Linux-lts-backport-maverick | Ubuntu | lucid | * |
| Linux-lts-backport-maverick | Ubuntu | upstream | * |
| Linux-lts-backport-natty | Ubuntu | upstream | * |
| Linux-lts-backport-oneiric | Ubuntu | upstream | * |
| Linux-mvl-dove | Ubuntu | lucid | * |
| Linux-mvl-dove | Ubuntu | maverick | * |
| Linux-mvl-dove | Ubuntu | upstream | * |
| Linux-ti-omap4 | Ubuntu | upstream | * |