Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-24588

Опубликовано: 12 мая 2021
Источник: redhat
CVSS3: 4.3
EPSS Низкий

Описание

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

A flaw was found in the Linux kernels wifi implementation. An attacker within wireless broadcast range can inject custom data into the wireless communication circumventing checks on the data. This can cause the frame to pass checks and be considered a valid frame of a different type.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelOut of support scope
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2021:414009.11.2021
Red Hat Enterprise Linux 8kernelFixedRHSA-2021:435609.11.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1959657kernel: wifi frame payload being parsed incorrectly as an L2 frame

EPSS

Процентиль: 72%
0.00726
Низкий

4.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-24588

CVSS3: 3.5
ubuntu
около 4 лет назад

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

nvd логотип

CVE-2020-24588

CVSS3: 3.5
nvd
около 4 лет назад

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

msrc логотип

CVE-2020-24588

CVSS3: 6.5
msrc
около 4 лет назад

Windows Wireless Networking Spoofing Vulnerability

debian логотип

CVE-2020-24588

CVSS3: 3.5
debian
около 4 лет назад

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, ...

github логотип

GHSA-qrgr-qfr9-4xfh

CVSS3: 3.5
github
около 3 лет назад

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

EPSS

Процентиль: 72%
0.00726
Низкий

4.3 Medium

CVSS3