The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn’t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.

References

www.openwall.com/lists/oss-security/2021/05/11/12

github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md

lists.debian.org/debian-lts-announce/2021/06/msg00019.html

lists.debian.org/debian-lts-announce/2021/06/msg00020.html

lists.debian.org/debian-lts-announce/2023/04/msg00002.html

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu

www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63

www.fragattacks.com

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html

veracode 1

nvd 1

ubuntucve 1

cve 1

mscve 1

prion 1

redhatcve 1

attackerkb 1

debiancve 1

nessus 66

lenovo 2

hp 1

krebs 1

intel 1

ics 3

openvas 43

mageia 2

mskb 14

osv 9

oraclelinux 6

debian 3

threatpost 2

malwarebytes 1

ubuntu 7

hackerone 1

suse 4

checkpoint_security 1

thn 1

cisco 1

kaspersky 2

arista 1

cloudfoundry 1

avleonov 1

slackware 1

almalinux 1

redhat 4

rapid7blog 1

qualysblog 1

veracode

CVE-2020-24587 Kernel: Reassembling Fragments Encrypted Under Different Keys

2021-11-17 22:37:04

nvd

CVE-2020-24587

2021-05-11 20:15:08

ubuntucve

CVE-2020-24587

2021-05-11 00:00:00

cve

CVE-2020-24587

2021-05-11 20:15:08

mscve

Windows Wireless Networking Information Disclosure Vulnerability

2021-05-11 07:00:00

prion

Design/Logic Flaw

2021-05-11 20:15:00

redhatcve

CVE-2020-24587

2021-05-13 05:56:41

attackerkb

CVE-2020-24587

2021-05-11 00:00:00

debiancve

CVE-2020-24587

2021-05-11 20:15:08

nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-24587)

2024-03-18 00:00:00

SUSE SLES11 Security Update : kernel (SUSE-SU-2021:14764-1)

2021-07-14 00:00:00

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9404)

2021-08-10 00:00:00

lenovo

Intel® PROSet and Wireless WiFi, Intel vPro® CSME WiFi, and Intel® Killer™ WiFi Advisory - Lenovo Support NL

2021-05-11 20:39:26

Aggregation and Fragmentation Attacks against Wi-Fi (FragAttacks) Vulnerabilities - Lenovo Support NL

2021-06-07 20:37:01

Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi and Killer™ WiFi May 2021 Security Updates

2021-05-14 00:00:00

krebs

Microsoft Patch Tuesday, May 2021 Edition

2021-05-11 20:28:19

intel

Intel® PROSet/Wireless WiFi , Intel vPro® CSME WiFi and Killer™ WiFi Advisory Advisory

2021-05-11 00:00:00

ics

Mitsubishi Electric GT25-WLAN (Update A)

2022-05-12 12:00:00

Hitachi ABB Power Grids TropOS

2021-08-24 12:00:00

Siemens SIMATIC

2024-03-14 12:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2021:14764-1)

2021-07-14 00:00:00

Mageia: Security Advisory (MGASA-2021-0257)

2022-01-28 00:00:00

Mageia: Security Advisory (MGASA-2021-0258)

2022-01-28 00:00:00

mageia

Updated kernel packages fix security vulnerabilities

2021-06-14 00:32:39

Updated kernel-linus packages fix security vulnerabilities

2021-06-14 00:32:39

mskb

May 11, 2021—KB5003225 (Security-only update)

2021-05-11 07:00:00

May 11, 2021—KB5003228 (Security-only update)

2021-05-11 07:00:00

May 11, 2021—KB5003203 (Security-only update)

2021-05-11 07:00:00

osv

firmware-nonfree - security update

2023-04-01 00:00:00

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

2021-07-20 22:11:51

linux-kvm vulnerabilities

2021-06-25 19:56:40

oraclelinux

Unbreakable Enterprise kernel security update

2021-08-10 00:00:00

Unbreakable Enterprise kernel-container security update

2021-08-10 00:00:00

Unbreakable Enterprise kernel-container security update

2021-09-21 00:00:00

debian

[SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)

2023-04-01 20:16:41

[SECURITY] [DLA 2690-1] linux-4.19 security update

2021-06-23 00:05:06

[SECURITY] [DLA 2689-1] linux security update

2021-06-23 00:11:57

threatpost

‘FragAttacks’: Wi-Fi Bugs Affect Millions of Devices

2021-05-12 15:48:05

Wormable Windows Bug Opens Door to DoS, RCE

2021-05-11 20:05:44

malwarebytes

FragAttack: New Wi-Fi vulnerabilities that affect… basically everything

2021-05-12 17:31:21

ubuntu

Linux kernel vulnerabilities

2021-07-20 00:00:00

Linux kernel (KVM) vulnerabilities

2021-06-25 00:00:00

Linux kernel (OEM) vulnerabilities

2021-06-23 00:00:00

hackerone

Internet Bug Bounty: Fragmentation and Aggregation Flaws in Wi-Fi

2021-06-19 21:24:25

suse

Security update for the Linux Kernel (important)

2021-07-01 00:00:00

Security update for the Linux Kernel (important)

2021-06-06 00:00:00

Security update for the Linux Kernel (important)

2021-07-11 00:00:00

checkpoint_security

Check Point Response to Wi-Fi FragAttacks in Quantum Spark appliances

2021-06-09 23:24:30

thn

Nearly All Wi-Fi Devices Are Vulnerable to New FragAttacks

2021-05-12 13:07:00

cisco

Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021

2021-05-11 18:00:00

kaspersky

KLA12167 Multiple vulnerabilities in Microsoft Products (ESU)

2021-05-11 00:00:00

KLA12174 Multiple vulnerabilities in Microsoft Windows

2021-05-11 00:00:00

arista

Security Advisory 0063

2021-05-12 00:00:00

cloudfoundry

USN-5000-1: Linux kernel vulnerabilities | Cloud Foundry

2021-07-08 00:00:00

avleonov

Vulristics: Microsoft Patch Tuesdays Q2 2021

2021-07-10 00:14:59

slackware

[slackware-security] Slackware 14.2 kernel

2021-07-21 05:44:30

almalinux

Moderate: kernel security, bug fix, and enhancement update

2021-11-09 09:08:02

redhat

(RHSA-2021:4140) Moderate: kernel-rt security and bug fix update

2021-11-09 08:21:02

(RHSA-2021:4356) Moderate: kernel security, bug fix, and enhancement update

2021-11-09 09:08:02

(RHSA-2021:4627) Moderate: Openshift Logging 5.3.0 bug fix and security update

2021-11-15 12:52:28

rapid7blog

Patch Tuesday - May 2021

2021-05-11 23:44:00

qualysblog

Microsoft & Adobe Patch Tuesday (May 2021) – Qualys covers 85 Vulnerabilities, 26 Critical

2021-05-11 21:53:37

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

41.3%

JSON

Related for CVELIST:CVE-2020-24587