20 matches found
The vulnerability in the implementation of the IEEE 802.11 protocol in Linux kernel allows a attacker to compromise the confidentiality and integrity of the protected information.
The vulnerability of the Linux operating system’s IEEE 802.11 kernel implementation is related to insufficient verification of data authenticity. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of the protected information...
EUVD-2020-17305
Malware in sbrugna...
EUVD-2023-57051
Malicious code in bioql PyPI...
Fortinet Fortigate Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification (FragAttacks) (FG-IR-21-071)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-071 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't...
Security Advisory 0097
Security Advisory 0097 PDF Date: May 24, 2024 Revision | Date | Changes ---|---|--- 1.0 | May 24, 2024 | Initial release The CVE-ID tracking this issue: CVE-2023-52424 CVSSv3.1 Base Score: Not indicated by NVD as of 5/23/2024 Description Arista Networks is providing this security update in respon...
SUSE CVE-2020-24588
The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames which is mandatory as part of 802.11...
EulerOS 2.0 SP3 : kernel (EulerOS-SA-2022-1735)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker...
FreeBSD : FreeBSD-kernel -- Multiple WiFi issues (8d20bd48-a4f3-11ec-90de-1c697aa5a594)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 8d20bd48-a4f3-11ec-90de-1c697aa5a594 advisory. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired...
Ubuntu 20.04 LTS : Linux kernel (KVM) vulnerabilities (USN-5000-2)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5000-2 advisory. USN-5000-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and the Linux HWE kernel for Ubuntu 18.04 LTS. This update provides the...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9404)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9404 advisory. - seqfile: disallow extremely large seq buffer allocations Eric Sandeen Orabug: 33135632 CVE-2021-33909 - Bluetooth: fix the erroneous flushwork...
SUSE SLES12: kernel-default / kernel-default-base / kernel-default-devel / etc (SUSE-SU-2021:2406-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2406-1 advisory. The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: -...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5000-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5000-1 advisory. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-4999-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4999-1 advisory. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A...
Updated kernel-linus packages fix security vulnerabilities
This kernel-linus update is based on upstream 5.10.43 and fixes at least the following security issues: The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting ...
CVE-2020-24588
The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames which is mandatory as part of 802.11...
CVE-2020-24587
The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...
Design/Logic Flaw
The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received fragments be cleared from memory after reconnecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using...
CVE-2020-24588
The CVE-2020-24588 entry relates to the 802.11 Wi‑Fi fragmentation/ A‑MSDU handling issue where the plaintext QoS header flag isn’t authenticated, enabling an attacker to inject packets by sending non‑SSP A‑MSDU frames (FragAttacks). Connected Astra Linux advisories describe this as a variant of ...
CVE-2020-24586
CVE-2020-24586 describes a fragmentation cache issue in the Linux kernel Wi‑Fi stack: received fragments are not cleared from memory on reconnect, enabling an attacker within Wi‑Fi range to inject arbitrary packets or exfiltrate data when fragments encrypted with WEP/CCMP/GCMP are involved. Conne...
Siemens SCALANCE W Access Point Detection
Binary data 6774.prm...