Lucene search

[email protected]NVD:CVE-2020-26147

HistoryMay 11, 2021 - 8:15 p.m.

CVE-2020-26147

2021-05-1120:15:08

[email protected]

web.nvd.nist.gov

linux kernel

wep

wpa

wpa2

wpa3

vulnerability

data-confidentiality protocol

CVSS2

3.2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:H/Au:N/C:P/I:P/A:N

CVSS3

5.4

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

EPSS

0.002

Percentile

53.7%

JSON

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.

Affected configurations

Nvd

Node

linuxlinux_kernelRange4.4–4.4.271

linuxlinux_kernelRange4.9–4.9.271

linuxlinux_kernelRange4.14–4.14.235

linuxlinux_kernelRange4.19–4.19.193

linuxlinux_kernelRange5.4–5.4.124

linuxlinux_kernelRange5.10–5.10.42

linuxlinux_kernelRange5.12–5.12.9

Node

debiandebian_linuxMatch9.0

Node

aristac-75_firmwareMatch-

AND

aristac-75Match-

Node

aristao-90_firmwareMatch-

AND

aristao-90Match-

Node

aristac-65_firmwareMatch-

AND

aristac-65Match-

Node

aristaw-68_firmwareMatch-

AND

aristaw-68Match-

Node

siemensscalance_w700_ieee_802.11n_firmware

AND

siemensscalance_w700_ieee_802.11nMatch-

Node

siemensscalance_w1700_ieee_802.11ac_firmware

AND

siemensscalance_w1700_ieee_802.11acMatch-

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
aristac-75_firmware-cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*
aristac-75-cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*
aristao-90_firmware-cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*
aristao-90-cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*
aristac-65_firmware-cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*
aristac-65-cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:*
aristaw-68_firmware-cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*
aristaw-68-cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
debian	debian_linux	9.0	cpe:2.3:o:debian:debian_linux:9.0:::::::*
arista	c-75_firmware	-	cpe:2.3:o:arista:c-75_firmware:-:::::::*
arista	c-75	-	cpe:2.3:h:arista:c-75:-:::::::*
arista	o-90_firmware	-	cpe:2.3:o:arista:o-90_firmware:-:::::::*
arista	o-90	-	cpe:2.3:h:arista:o-90:-:::::::*
arista	c-65_firmware	-	cpe:2.3:o:arista:c-65_firmware:-:::::::*
arista	c-65	-	cpe:2.3:h:arista:c-65:-:::::::*
arista	w-68_firmware	-	cpe:2.3:o:arista:w-68_firmware:-:::::::*
arista	w-68	-	cpe:2.3:h:arista:w-68:-:::::::*