5.4

CVE-2020-26147

EPSS 0.19%
Veröffentlicht 11.05.2021 20:15:08
Zuletzt bearbeitet 14.04.2026 10:16:18
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 13

NVD 14 VulnDex Vulnerability Enrichment 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.4 < 4.4.271

Linux ≫ Linux Kernel Version >= 4.9 < 4.9.271

Linux ≫ Linux Kernel Version >= 4.14 < 4.14.235

Linux ≫ Linux Kernel Version >= 4.19 < 4.19.193

Linux ≫ Linux Kernel Version >= 5.4 < 5.4.124

Linux ≫ Linux Kernel Version >= 5.10 < 5.10.42

Linux ≫ Linux Kernel Version >= 5.12 < 5.12.9

Debian ≫ Debian Linux Version9.0

Arista ≫ C-75 Firmware Version-

Arista ≫ C-75 Version-

Arista ≫ O-90 Firmware Version-

Arista ≫ O-90 Version-

Arista ≫ C-65 Firmware Version-

Arista ≫ C-65 Version-

Arista ≫ W-68 Firmware Version-

Arista ≫ W-68 Version-

Siemens ≫ Scalance W700 Ieee 802.11n Firmware

Siemens ≫ Scalance W700 Ieee 802.11n Version-

Siemens ≫ Scalance W1700 Ieee 802.11ac Firmware

Siemens ≫ Scalance W1700 Ieee 802.11ac Version-

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.398

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.4	1.2	4.2	CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
nvd@nist.gov	3.2	3.2	4.9	AV:A/AC:H/Au:N/C:P/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html

Third Party Advisory

Mailing List

https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2021/05/11/12

Patch

Third Party Advisory

Mailing List

https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md

Third Party Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu

Third Party Advisory

https://www.fragattacks.com

Product

https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf

Third Party Advisory

https://cert-portal.siemens.com/productcert/html/ssa-019200.html

https://cert-portal.siemens.com/productcert/html/ssa-913875.html

https://nvd.nist.gov/vuln/detail/CVE-2020-26147

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-26147

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-26147

EUVD