Описание
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
A flaw was found in the Linux kernel's WiFi implementation. An attacker within the wireless range can abuse a logic flaw in the WiFi implementation by reassembling packets from multiple fragments under different keys, treating them as valid. This flaw allows an attacker to send a fragment under an incorrect key, treating them as a valid fragment under the new key. The highest threat from this vulnerability is to confidentiality.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 6 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | ||
| Red Hat Enterprise Linux 9 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2021:4140 | 09.11.2021 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2021:4356 | 09.11.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.1 Low
CVSS3
Связанные уязвимости
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
Windows Wireless Networking Information Disclosure Vulnerability
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, ...
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
EPSS
3.1 Low
CVSS3