IronMonkey Threat Research

CVE-2020-26147 MEDIUM

Published: 2021-05-11 | Last Modified: 2026-04-14 | Status: Modified

Description

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.

Additional Descriptions (1)

An issue was discovered in the Linux kernel version 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.

CVSS Metrics

Base Score: 5.4 (MEDIUM)

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

Attack Vector: ADJACENT_NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: HIGH
Availability Impact: NONE

Source: [email protected]

Type: Primary

Exploitability Score: 1.2

Impact Score: 4.2

Base Score: 3.2 (LOW)

AV:A/AC:H/Au:N/C:P/I:P/A:N

Access Vector: ADJACENT_NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE

Source: [email protected]

Type: Primary

Exploitability Score: 3.2

Impact Score: 4.9

Weaknesses

Source Type Description
[email protected] Primary
en NVD-CWE-Other

Affected Products

Vendor Product Version Type
linux linux_kernel * Operating System
linux linux_kernel * Operating System
linux linux_kernel * Operating System
linux linux_kernel * Operating System
linux linux_kernel * Operating System
linux linux_kernel * Operating System
linux linux_kernel * Operating System
debian debian_linux 9.0 Operating System
arista c-75_firmware - Operating System
arista o-90_firmware - Operating System
arista c-65_firmware - Operating System
arista w-68_firmware - Operating System
siemens scalance_w700_ieee_802.11n_firmware * Operating System
siemens scalance_w1700_ieee_802.11ac_firmware * Operating System

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
No cpe:2.3:h:siemens:scalance_w1700_ieee_802.11ac:-:*:*:*:*:*:*:*
