3.5 Low
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2.9 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.2%
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn’t require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | firmware-nonfree | < 20210818-1 | firmware-nonfree_20210818-1_all.deb |
Debian | 11 | all | firmware-nonfree | <= 20210315-3 | firmware-nonfree_20210315-3_all.deb |
Debian | 10 | all | firmware-nonfree | < 20190114+really20220913-0+deb10u1 | firmware-nonfree_20190114+really20220913-0+deb10u1_all.deb |
Debian | 999 | all | firmware-nonfree | < 20210818-1 | firmware-nonfree_20210818-1_all.deb |
Debian | 13 | all | firmware-nonfree | < 20210818-1 | firmware-nonfree_20210818-1_all.deb |
Debian | 12 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
Debian | 11 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
Debian | 10 | all | linux | < 4.19.194-1 | linux_4.19.194-1_all.deb |
Debian | 999 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
Debian | 13 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
3.5 Low
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2.9 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.2%