Ubuntu.comUB:CVE-2020-3702CVE-2020-3702
3.3 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
36.2%
u’Specifically timed and handcrafted traffic can cause internal errors in a
WLAN device that lead to improper layer 2 Wi-Fi encryption with a
consequent possibility of information disclosure over the air for a
discrete set of traffic’ in Snapdragon Auto, Snapdragon Compute, Snapdragon
Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,
Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,
Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019,
IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150,
SM7150
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 24.04 | noarch | linux-nvidia | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | linux | < 4.4.0-223.256 | UNKNOWN |
| ubuntu | 21.04 | noarch | linux | < 5.11.0-38.42 | UNKNOWN |
| ubuntu | 18.04 | noarch | linux | < 4.15.0-161.169 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux | < 5.4.0-89.100 | UNKNOWN |
| ubuntu | 16.04 | noarch | linux-hwe | < 4.15.0-161.169~16.04.1 | UNKNOWN |
| ubuntu | 20.04 | noarch | linux-hwe-5.11 | < 5.11.0-38.42~20.04.1 | UNKNOWN |
| ubuntu | 18.04 | noarch | linux-hwe-5.4 | < 5.4.0-89.100~18.04.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | linux-aws | < 4.4.0-1103.108 | UNKNOWN |
| ubuntu | 18.04 | noarch | linux-aws | < 4.15.0-1114.121 | UNKNOWN |
References
launchpad.net/bugs/cve/CVE-2020-3702
lore.kernel.org/linux-wireless/CABvG-CVvPF++0vuGzCrBj8+s=Bcx1GwWfiW1_Somu_GVncTAcQ@mail.gmail.com/
lore.kernel.org/stable/20210818084859.vcs4vs3yd6zetmyt@pali/t/#mf8b430d4f19f1b939a29b6c5098fdc514fd1a928
nvd.nist.gov/vuln/detail/CVE-2020-3702
security-tracker.debian.org/tracker/CVE-2020-3702
ubuntu.com/security/notices/USN-5113-1
ubuntu.com/security/notices/USN-5114-1
ubuntu.com/security/notices/USN-5115-1
ubuntu.com/security/notices/USN-5116-1
ubuntu.com/security/notices/USN-5116-2
ubuntu.com/security/notices/USN-5361-1
www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58
www.cve.org/CVERecord?id=CVE-2020-3702
Related
3.3 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
36.2%