ID CVE-2020-26147
Summary An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:5.8.9:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:5.8.9:*:*:*:*:*:*:*
CVSS
Base: 3.2 (as of 13-07-2021 - 13:15)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:A/AC:H/Au:N/C:P/I:P/A:N
Last major update 13-07-2021 - 13:15
Published 11-05-2021 - 20:15
Last modified 13-07-2021 - 13:15
Back to Top