5.4
CVE-2020-26147
- EPSS 0.42%
- Published 11.05.2021 20:15:08
- Last modified 21.11.2024 05:19:22
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.4 < 4.4.271
Linux ≫ Linux Kernel Version >= 4.9 < 4.9.271
Linux ≫ Linux Kernel Version >= 4.14 < 4.14.235
Linux ≫ Linux Kernel Version >= 4.19 < 4.19.193
Linux ≫ Linux Kernel Version >= 5.4 < 5.4.124
Linux ≫ Linux Kernel Version >= 5.10 < 5.10.42
Linux ≫ Linux Kernel Version >= 5.12 < 5.12.9
Debian ≫ Debian Linux Version9.0
Arista ≫ C-75 Firmware Version-
Arista ≫ O-90 Firmware Version-
Arista ≫ C-65 Firmware Version-
Arista ≫ W-68 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.611 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.4 | 1.2 | 4.2 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
|
| nvd@nist.gov | 3.2 | 3.2 | 4.9 |
AV:A/AC:H/Au:N/C:P/I:P/A:N
|