CVE-2020-26147

Updated: 2024-11-24 05:46:15.486393

Description:

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x LOW 3.2
CVSS Version 3.x MEDIUM 5.4

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 8.4 ELS kernel 4.18.0 5.4 MEDIUM Released CLSA-2022:1651145959 2022-04-28 16:00:01
CentOS 8.5 ELS kernel 4.18.0 5.4 MEDIUM Ignored 2022-02-21 05:39:36
Oracle Linux 6 ELS kernel 2.6.32 5.4 MEDIUM Ignored 2022-12-02 16:06:02
Ubuntu 16.04 ELS linux-hwe 4.15.0 5.4 MEDIUM Released 2023-04-27 14:04:56
Ubuntu 16.04 ELS linux 4.4.0 5.4 MEDIUM Released 2021-12-09 07:57:26