CVE-2020-26139

Updated: 2024-11-24 05:28:48.466912

Description:

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x LOW 2.9
CVSS Version 3.x MEDIUM 5.3

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS kernel 2.6.32 5.3 MEDIUM Ignored 2022-01-27 11:19:14
CentOS 8.4 ELS kernel 4.18.0 5.3 MEDIUM Released CLSA-2023:1693426883 2023-08-30 17:07:46
CentOS 8.5 ELS kernel 4.18.0 5.3 MEDIUM Not Vulnerable 2023-08-03 03:36:41
CloudLinux 6 ELS kernel 2.6.32 5.3 MEDIUM Ignored 2022-01-27 11:19:13
Oracle Linux 6 ELS kernel 2.6.32 5.3 MEDIUM Not Vulnerable 2022-11-30 10:08:55
Ubuntu 16.04 ELS linux 4.4.0 5.3 MEDIUM Released 2022-04-20 07:41:47