Bl0ck: Paralyzing 802.11 Connections Through Block Ack Frames

Despite Wi-Fi is at the eve of its seventh generation, security concerns regarding this omnipresent technology remain in the spotlight of the research community. This work introduces two new denial of service (DoS) attacks against contemporary Wi-Fi 5 and 6 networks. Differently from similar works in the literature which focus on 802.11 management frames, the introduced assaults exploit control frames. Both these attacks target the central element of any infrastructure-based 802.11 network, i.e., the access point (AP), and result in depriving the associated stations of any service. We demonstrate that, at the very least, the attacks affect a great mass of off-the-self AP implementations by different renowned vendors, and they can be mounted with inexpensive equipment, little effort, and a low level of expertise. With reference to the latest standard, namely, 802.11-2020, we elaborate on the root cause of the respected vulnerabilities, pinpointing shortcomings. Following a coordinated vulnerability disclosure process, our findings have been promptly communicated to each affected AP vendor, already receiving positive feedback, as well as, at the time of writing, a reserved common vulnerabilities and exposures (CVE) identifier, namely CVE-2022-32666.