Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-26145

Опубликовано: 11 мая 2021
Источник: debian
EPSS Низкий

Описание

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed5.10.46-1package

Примечания

  • https://papers.mathyvanhoef.com/usenix2021.pdf

  • https://www.fragattacks.com/

  • https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/

  • https://lore.kernel.org/linux-wireless/20210511200110.5a0bd289bda8.Idd6ebea20038fb1cfee6de924aa595e5647c9eae@changeid/

  • https://lore.kernel.org/linux-wireless/20210511200110.9ca6ca7945a9.I1e18b514590af17c155bda86699bc3a971a8dcf4@changeid/

EPSS

Процентиль: 88%
0.04057
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-26145

CVSS3: 6.5
ubuntu
больше 4 лет назад

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

redhat логотип

CVE-2020-26145

CVSS3: 6.5
redhat
больше 4 лет назад

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

nvd логотип

CVE-2020-26145

CVSS3: 6.5
nvd
больше 4 лет назад

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

github логотип

GHSA-c6qp-cf89-h54c

CVSS3: 6.5
github
больше 3 лет назад

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

fstec логотип

BDU:2021-03175

CVSS3: 6.5
fstec
больше 4 лет назад

Уязвимость реализации алгоритмов WEP, WPA, WPA2 и WPA3 ядра операционной системы Linux, позволяющая нарушителю внедрить произвольные сетевые пакеты независимо от конфигурации сети

EPSS

Процентиль: 88%
0.04057
Низкий