Beware of the Wi-Fi Queues: Researchers Find Ways to Bypass Wi-Fi Encryption
Researchers show how Wi-Fi encryption can be bypassed by manipulating transmit queues.
Researchers from Belgium and the US have discovered that active adversaries may be able to shake loose queued-up network packets from some access points by manipulating transmit queues. The queued-up data was stored in decrypted form and was anticipated that it might need to be re-encrypted with a new session key for delivery later on. The researchers figured out various ways of tricking some access points into releasing those queued-up network packets without any encryption at all or encrypted with a new session key that they chose for the purpose. Access point developers have been advised to use the 5.6 kernel.
To read the complete article see: https://nakedsecurity.sophos.com/2023/04/03/researchers-claim-they-can-bypass-wi-fi-encryption-briefly-at-least/
See full research here: https://papers.mathyvanhoef.com/usenix2023-wifi.pdf