On Tue, Sep 2, 2025 at 10:09 AM Johannes Berg <johannes@xxxxxxxxxxxxxxxx> wrote: > > On Tue, 2025-09-02 at 10:04 +0200, Loic Poulain wrote: > > It appears that not all hardware/firmware implementations support > > group key deletion correctly, which can lead to connection hangs > > and deauthentication following GTK rekeying (delete and install). > > > > To avoid this issue, instead of attempting to delete the key using > > the special WMI_CIPHER_NONE value, we now replace the key with an > > invalid (zeroed) value. > > Maybe better use a random value, Good point! > and even try to delete it anyway afterwards? It would still trigger the initial issue this patch addresses. > If it's all zeroes then an attacker can predict it and might > be able to inject frames into the system that way? Indeed, will fix that in v2. Thanks, Loic
