An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.

References

www.openwall.com/lists/oss-security/2021/05/11/12

cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf

github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md

lists.debian.org/debian-lts-announce/2021/06/msg00019.html

lists.debian.org/debian-lts-announce/2021/06/msg00020.html

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu

www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63

www.fragattacks.com

prion 1

nessus 56

cve 1

ubuntucve 1

nvd 1

redhatcve 1

debiancve 1

veracode 1

freebsd 1

freebsd_advisory 1

ics 2

oraclelinux 6

photon 4

openvas 33

mageia 2

checkpoint_security 1

thn 1

suse 4

osv 10

threatpost 1

malwarebytes 1

ubuntu 9

hackerone 1

cisco 1

arista 1

cloudfoundry 2

debian 2

slackware 1

almalinux 1

redhat 4

prion

Design/Logic Flaw

2021-05-11 20:15:00

nessus

Cisco Multiple Products Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-26147)

2024-03-18 00:00:00

Siemens SCALANCE FragAttacks (CVE-2020-26147)

2023-04-11 00:00:00

FreeBSD : FreeBSD-kernel -- Multiple WiFi issues (8d20bd48-a4f3-11ec-90de-1c697aa5a594)

2022-03-16 00:00:00

cve

CVE-2020-26147

2021-05-11 20:15:08

ubuntucve

CVE-2020-26147

2021-05-11 00:00:00

nvd

CVE-2020-26147

2021-05-11 20:15:08

redhatcve

CVE-2020-26147

2021-05-19 00:26:56

debiancve

CVE-2020-26147

2021-05-11 20:15:08

veracode

Packet Injection

2021-11-17 22:38:14

freebsd

FreeBSD-kernel -- Multiple WiFi issues

2022-03-15 00:00:00

freebsd_advisory

FreeBSD-SA-22:02.wifi

2022-03-15 00:00:00

ics

Siemens SCALANCE FragAttacks

2022-04-14 12:00:00

Hitachi ABB Power Grids TropOS

2021-08-24 12:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2021-08-10 00:00:00

Unbreakable Enterprise kernel-container security update

2021-08-10 00:00:00

Unbreakable Enterprise kernel security update

2021-09-21 00:00:00

photon

Important Photon OS Security Update - PHSA-2021-0278

2021-08-01 00:00:00

Important Photon OS Security Update - PHSA-2021-3.0-0278

2021-08-01 00:00:00

Critical Photon OS Security Update - PHSA-2021-0409

2021-07-01 00:00:00

openvas

Mageia: Security Advisory (MGASA-2021-0257)

2022-01-28 00:00:00

Mageia: Security Advisory (MGASA-2021-0258)

2022-01-28 00:00:00

Ubuntu: Security Advisory (USN-5018-1)

2021-07-21 00:00:00

mageia

Updated kernel packages fix security vulnerabilities

2021-06-14 00:32:39

Updated kernel-linus packages fix security vulnerabilities

2021-06-14 00:32:39

checkpoint_security

Check Point Response to Wi-Fi FragAttacks in Quantum Spark appliances

2021-06-09 23:24:30

thn

Nearly All Wi-Fi Devices Are Vulnerable to New FragAttacks

2021-05-12 13:07:00

suse

Security update for the Linux Kernel (important)

2021-06-06 00:00:00

Security update for the Linux Kernel (important)

2021-07-01 00:00:00

Security update for the Linux Kernel (important)

2021-07-11 00:00:00

osv

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

2021-07-20 22:11:51

linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

2022-02-22 10:16:56

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

2021-06-23 03:36:14

threatpost

‘FragAttacks’: Wi-Fi Bugs Affect Millions of Devices

2021-05-12 15:48:05

malwarebytes

FragAttack: New Wi-Fi vulnerabilities that affect… basically everything

2021-05-12 17:31:21

ubuntu

Linux kernel vulnerabilities

2021-07-20 00:00:00

Linux kernel vulnerabilities

2022-02-22 00:00:00

Linux kernel (OEM) vulnerabilities

2021-06-23 00:00:00

hackerone

Internet Bug Bounty: Fragmentation and Aggregation Flaws in Wi-Fi

2021-06-19 21:24:25

cisco

Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021

2021-05-11 18:00:00

arista

Security Advisory 0063

2021-05-25 00:00:00

cloudfoundry

USN-5000-1: Linux kernel vulnerabilities | Cloud Foundry

2021-07-08 00:00:00

USN-5343-1: Linux kernel vulnerabilities | Cloud Foundry

2022-04-21 00:00:00

debian

[SECURITY] [DLA 2690-1] linux-4.19 security update

2021-06-23 00:05:06

[SECURITY] [DLA 2689-1] linux security update

2021-06-23 00:11:57

slackware

[slackware-security] Slackware 14.2 kernel

2021-07-21 05:44:30

almalinux

Moderate: kernel security, bug fix, and enhancement update

2021-11-09 09:08:02

redhat

(RHSA-2021:4140) Moderate: kernel-rt security and bug fix update

2021-11-09 08:21:02

(RHSA-2021:4356) Moderate: kernel security, bug fix, and enhancement update

2021-11-09 09:08:02

(RHSA-2021:5137) Moderate: Openshift Logging Security Release (5.0.10)

2021-12-14 21:31:08

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.9%

JSON

Related for CVELIST:CVE-2020-26147