Security status about wifi vulnerability: fragattacks

## Description

It seems that there is currently no release available which uses a fixed idf version.
This issue should help to show the current status about the patches and releases.

## Status of arduino-esp32 

| arduino-esp32 |  ESP-IDF | vulnerable |
| ---------------- | ----------| ---------|
| older than 1.0.6 |  x | yes ⚠️  |
| 1.0.6 |  v3.3.5 | yes ⚠️  |
| 2.0.0-alpha1 | IDF master cf457d412 | yes ⚠️  |
| 2.0.0 | x | fixed ✅  |

## Fixed IDF releases

edit: not all are officially released...

* Master ( ef127ab9 )
* Release v4.3.1 ( 46144f70 )
* Release v4.2.2 ( 60ccb3fe )
* Release v4.1.2 ( 97c8be71 )
* Release v4.0.4 ( 7504329e )
* Release v3.3.6 ( b403b0db )

## Reference

* Bug homepage: https://www.fragattacks.com/
* Bug report `esp-idf`: https://github.com/espressif/esp-idf/issues/7019
* Advisory: https://www.espressif.com/sites/default/files/advisory_downloads/AR2021-003%20Security%20Advisory%20for%20WFA%20vulnerability.pdf

## Disclaimer

I am not a maintainer. Ping team if necessary.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Security status about wifi vulnerability: fragattacks #5351

Description

Status of arduino-esp32

Fixed IDF releases

Reference

Disclaimer

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

arduino-esp32	ESP-IDF	vulnerable
older than 1.0.6	x	yes ⚠️
1.0.6	v3.3.5	yes ⚠️
2.0.0-alpha1	IDF master cf457d412	yes ⚠️
2.0.0	x	fixed ✅

Security status about wifi vulnerability: fragattacks #5351

Description

Description

Status of arduino-esp32

Fixed IDF releases

Reference

Disclaimer

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions