Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-24588
HistoryMay 11, 2021 - 12:00 a.m.

CVE-2020-24588

2021-05-1100:00:00
ubuntu.com
ubuntu.com
27

3.5 Low

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

2.9 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

58.9%

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and
WPA3) and Wired Equivalent Privacy (WEP) doesn’t require that the A-MSDU
flag in the plaintext QoS header field is authenticated. Against devices
that support receiving non-SSP A-MSDU frames (which is mandatory as part of
802.11n), an adversary can abuse this to inject arbitrary network packets.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux-aws-5.8< 5.8.0-1038.40~20.04.1UNKNOWN
ubuntu20.04noarchlinux-azure-5.8< 5.8.0-1036.38~20.04.1UNKNOWN
ubuntu20.04noarchlinux-gcp-5.8< 5.8.0-1035.37~20.04.1UNKNOWN
ubuntu20.04noarchlinux-oracle-5.8< 5.8.0-1033.34~20.04.1UNKNOWN
ubuntu20.04noarchlinux-riscv-5.8< 5.8.0-29.31~20.04.1UNKNOWN
ubuntu20.04noarchlinux-bluefield< 5.4.0-1013.16UNKNOWN
ubuntu16.04noarchlinux-gcp< 4.15.0-1106.120~16.04.1) Available with Ubuntu Pro or Ubuntu Pro (Infra-onlyUNKNOWN
ubuntu20.04noarchlinux-gcp< 5.4.0-1046.49UNKNOWN
ubuntu20.10noarchlinux-gcp< 5.8.0-1035.37UNKNOWN
ubuntu21.04noarchlinux-gcp< 5.11.0-1011.12UNKNOWN
Rows per page:
1-10 of 601

3.5 Low

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

2.9 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

58.9%