CVE-2020-24586

low

Description

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.

References

https://www.fragattacks.com

https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md

http://www.openwall.com/lists/oss-security/2021/05/11/12

https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html

https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html

https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63

Details

Source: MITRE

Published: 2021-05-11

Updated: 2021-12-03

Risk Information

CVSS v2

Base Score: 2.9

Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 5.5

Severity: LOW

CVSS v3

Base Score: 3.5

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 2.1

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:ieee:ieee_802.11:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:linux:mac80211:-:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:o:arista:c-250_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*

Configuration 5

AND

OR

cpe:2.3:o:arista:c-260_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*

Configuration 6

AND

OR

cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:arista:c-235_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*

Configuration 8

AND

OR

cpe:2.3:o:arista:c-200_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*

Configuration 9

AND

OR

cpe:2.3:o:intel:ax210_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ax210:-:*:*:*:*:*:*:*

Configuration 10

AND

OR

cpe:2.3:o:intel:ax201_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ax201:-:*:*:*:*:*:*:*

Configuration 11

AND

OR

cpe:2.3:o:intel:ax200_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ax200:-:*:*:*:*:*:*:*

Configuration 12

AND

OR

cpe:2.3:o:intel:ac_9560_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*

Configuration 13

AND

OR

cpe:2.3:o:intel:ac_9462_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_9462:-:*:*:*:*:*:*:*

Configuration 14

AND

OR

cpe:2.3:o:intel:ac_9461_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_9461:-:*:*:*:*:*:*:*

Configuration 15

AND

OR

cpe:2.3:o:intel:ac_9260_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*

Configuration 16

AND

OR

cpe:2.3:o:intel:ac_8265_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*

Configuration 17

AND

OR

cpe:2.3:o:intel:ac_8260_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*

Configuration 18

AND

OR

cpe:2.3:o:intel:ac_3168_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_3168:-:*:*:*:*:*:*:*

Configuration 19

AND

OR

cpe:2.3:o:intel:ac_7265_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_7265:-:*:*:*:*:*:*:*

Configuration 20

AND

OR

cpe:2.3:o:intel:ac_3165_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_3165:-:*:*:*:*:*:*:*

Configuration 21

AND

OR

cpe:2.3:o:intel:ax1675_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ax1675:-:*:*:*:*:*:*:*

Configuration 22

AND

OR

cpe:2.3:o:intel:ax1650_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ax1650:-:*:*:*:*:*:*:*

Configuration 23

AND

OR

cpe:2.3:o:intel:ac_1550_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:intel:ac_1550:-:*:*:*:*:*:*:*

Tenable Plugins

Total: 41

ID | Name | Product | Family | Severity
155425 | Oracle Linux 8 : kernel (ELSA-2021-4356) | Nessus | Oracle Linux Local Security Checks | high
155219 | RHEL 8 : kernel (RHSA-2021:4356) | Nessus | Red Hat Local Security Checks | high
155172 | RHEL 8 : kernel-rt (RHSA-2021:4140) | Nessus | Red Hat Local Security Checks | high
155145 | CentOS 8 : kernel (CESA-2021:4356) | Nessus | CentOS Local Security Checks | high
155142 | EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2663) | Nessus | Huawei Local Security Checks | high
155070 | CentOS 8 : kernel-rt (CESA-2021:4140) | Nessus | CentOS Local Security Checks | high
154016 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2021-0035) | Nessus | OracleVM Local Security Checks | high
153703 | EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2530) | Nessus | Huawei Local Security Checks | high
153582 | OracleVM 3.4 : Unbreakable / etc (OVMSA-2021-0031) | Nessus | OracleVM Local Security Checks | critical
153557 | Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9459) | Nessus | Oracle Linux Local Security Checks | critical
153131 | Ubuntu 20.04 LTS : Linux kernel (KVM) vulnerabilities (USN-5000-2) | Nessus | Ubuntu Local Security Checks | high
153127 | Ubuntu 21.04 : Linux kernel (KVM) vulnerabilities (USN-4997-2) | Nessus | Ubuntu Local Security Checks | medium
152389 | Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9406) | Nessus | Oracle Linux Local Security Checks | high
152382 | Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9404) | Nessus | Oracle Linux Local Security Checks | high
152055 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2451-1) | Nessus | SuSE Local Security Checks | high
151986 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2421-1) | Nessus | SuSE Local Security Checks | high
151920 | Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5018-1) | Nessus | Ubuntu Local Security Checks | high
151897 | Slackware 14.2 : Slackware 14.2 kernel (SSA:2021-202-01) | Nessus | Slackware Local Security Checks | high
151878 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2406-1) | Nessus | SuSE Local Security Checks | high
151756 | openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1977-1) | Nessus | SuSE Local Security Checks | critical
151730 | openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1975-1) | Nessus | SuSE Local Security Checks | critical
151618 | SUSE SLES11 Security Update : kernel (SUSE-SU-2021:14764-1) | Nessus | SuSE Local Security Checks | high
151280 | openSUSE 15 Security Update : kernel (openSUSE-SU-2021:0947-1) | Nessus | SuSE Local Security Checks | high
151205 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2208-1) | Nessus | SuSE Local Security Checks | high
150985 | Debian DLA-2689-1 : linux security update | Nessus | Debian Local Security Checks | high
150984 | Debian DLA-2690-1 : linux-4.19 security update | Nessus | Debian Local Security Checks | high
150957 | Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5000-1) | Nessus | Ubuntu Local Security Checks | high
150955 | Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5001-1) | Nessus | Ubuntu Local Security Checks | medium
150954 | Ubuntu 20.04 LTS / 20.10 : Linux kernel vulnerabilities (USN-4999-1) | Nessus | Ubuntu Local Security Checks | high
150953 | Ubuntu 21.04 : Linux kernel vulnerabilities (USN-4997-1) | Nessus | Ubuntu Local Security Checks | medium
150927 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1975-1) | Nessus | SuSE Local Security Checks | critical
150901 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:1977-1) | Nessus | SuSE Local Security Checks | critical
150696 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1888-1) | Nessus | SuSE Local Security Checks | high
150687 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1899-1) | Nessus | SuSE Local Security Checks | high
150472 | SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:1913-1) | Nessus | SuSE Local Security Checks | high
150470 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1912-1) | Nessus | SuSE Local Security Checks | high
150413 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1887-1) | Nessus | SuSE Local Security Checks | high
150407 | SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:1890-1) | Nessus | SuSE Local Security Checks | high
150401 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1889-1) | Nessus | SuSE Local Security Checks | high
150396 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1891-1) | Nessus | SuSE Local Security Checks | high
150315 | openSUSE Security Update : the Linux Kernel (openSUSE-2021-843) | Nessus | SuSE Local Security Checks | high