CVE-2020-26147

medium

Description

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.

References

https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu

https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html

https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html

https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md

https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf

http://www.openwall.com/lists/oss-security/2021/05/11/12

https://www.tenable.com/cyber-exposure/2021-threat-landscape-retrospective

https://www.fragattacks.com/

https://www.fragattacks.com

Details

Source: Mitre, NVD

Published: 2021-05-11

Updated: 2022-07-12

Named Vulnerability: FragAttacks

Risk Information

CVSS v2

Base Score: 3.2

Vector: CVSS2#AV:A/AC:H/Au:N/C:P/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00055