5.4
CVE-2020-26147
- EPSS 0.42%
- Veröffentlicht 11.05.2021 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:19:22
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.4 < 4.4.271
Linux ≫ Linux Kernel Version >= 4.9 < 4.9.271
Linux ≫ Linux Kernel Version >= 4.14 < 4.14.235
Linux ≫ Linux Kernel Version >= 4.19 < 4.19.193
Linux ≫ Linux Kernel Version >= 5.4 < 5.4.124
Linux ≫ Linux Kernel Version >= 5.10 < 5.10.42
Linux ≫ Linux Kernel Version >= 5.12 < 5.12.9
Debian ≫ Debian Linux Version9.0
Arista ≫ C-75 Firmware Version-
Arista ≫ O-90 Firmware Version-
Arista ≫ C-65 Firmware Version-
Arista ≫ W-68 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.611 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.4 | 1.2 | 4.2 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
|
| nvd@nist.gov | 3.2 | 3.2 | 4.9 |
AV:A/AC:H/Au:N/C:P/I:P/A:N
|