Marvell WiFi Vulnerability

[Mushoz]

According to Marvell's recent statement, there seems to be a firmware update for the vulnerability in the WiFi chip employed in the Steam Link. Is this firmware already active in the latest beta version of SteamLink? It's a critical vulnerability, and I'd rather not use my Steamlink for as long as it's vulnerable, which is a real pity, since I enjoy it so much.

[connorshea]

The vulnerability in question is CVE-2019-6496 (relevant article)

I did a bit of digging on this by SSHing into my Steam Link, as far as I can tell from the files at /lib/modules/3.8.13-mrvl, the relevant files haven't been updated since at least February 12, 2016, which was around when build 497 came out on stable with the fix for a WiFi issue in Marvell's drivers. (I bought my Steam Link in late 2017 so I don't think this is the manufacture date).

So I think it's still vulnerable :/

NOTE: I am just a web developer, not a security researcher or anything, so I may very well be wrong about this and it has been patched, but I haven't seen anything in the build history nor any communication from Valve on a patch, so I wanted to investigate a bit and figure it out.

[connorshea]

Actually, correction: I can't tell for sure if the CVE was fixed by this commit in Linux, but if it was then it was copied over to the Steam Link kernel with https://github.com/ValveSoftware/steamlink-sdk/commit/61171366767e7d9f8686aea07864722aa9fdad64

Looks like this commit as well: https://github.com/torvalds/linux/commit/13ec7f10b87f5fc04c4ccbd491c94c7980236a74

[odil-io]

Actually, correction: I can't tell for sure if the CVE was fixed by this commit in Linux, but if it was then it was copied over to the Steam Link kernel with 6117136

It hasn't, thats another fix for something else. Also, CVE-2019-6496 isn't mentioned.

Looks like this commit as well: torvalds/linux@13ec7f1

Also not. You can read this in the comment "This fix addresses CVE-2019-3846." which not the same CVE.

Did some digging, for future readers:

At time of posting I don't believe the fix is implemented. Based on that the last update to the firmware binaries was 7 years ago in https://github.com/ValveSoftware/steamlink-sdk/commit/9d59634cc05356befc45ea79663162afe38c7023. With the missing response of Valve to the vulnerability here kb.cert.org from 2019, it's safe to assume Vale did not yet has a fix ready. I doubt any will come.

edit: Marvell's statement: https://www.marvell.com/search.html?search=CVE-2019-6496 (search results. title is a clickable to a downloadable PDF.)