CVE-2020-26142
Summary
| CVE | CVE-2020-26142 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-05-11 20:15:00 UTC |
| Updated | 2021-12-03 21:12:00 UTC |
| Description | An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration. |
Risk And Classification
Problem Types: CWE-74
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021 | CISCO | tools.cisco.com | |
| FragAttacks: Security flaws in all Wi-Fi devices | MISC | www.fragattacks.com | |
| Security Advisory 0063 - Arista | MISC | www.arista.com | |
| fragattacks/SUMMARY.md at master · vanhoefm/fragattacks · GitHub | MISC | github.com | |
| oss-security - various 802.11 security issues - fragattacks.com | MLIST | www.openwall.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159403 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9459)
- 390248 Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0035)
- 591150 Hitachi ABB Power Grids TropOS Multiple Vulnerabilities (ICSA-21-236-01,9AKK107992A4463)
- 671051 EulerOS Security Update for kernel (EulerOS-SA-2021-2663)
- 671441 EulerOS Security Update for kernel (EulerOS-SA-2022-1366)
- 671703 EulerOS Security Update for kernel (EulerOS-SA-2022-1735)