Vulnerability CVE-2020-26147: Information

Description

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.

Severity: MEDIUM (5.4) Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-26147

Published: May 11, 2021

Modified: July 12, 2022

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-mp	sisyphus	4.20.4-alt1	6.9.4-alt1	ALT-PU-2019-1139-1	220078	Fixed
kernel-image-mp	p10	4.20.4-alt1	6.1.19-alt1	ALT-PU-2019-1139-1	220078	Fixed
kernel-image-mp	p9	5.11.16-alt1	5.12.16-alt1	ALT-PU-2021-1869-1	271829	Fixed
kernel-image-mp	p11	4.20.4-alt1	6.8.8-alt1	ALT-PU-2019-1139-1	220078	Fixed
kernel-image-rpi-def	sisyphus	5.10.50-alt1	5.15.92-alt2	ALT-PU-2021-2293-1	279852	Fixed
kernel-image-rpi-def	p10	5.10.50-alt1	5.15.92-alt2	ALT-PU-2021-2305-1	279938	Fixed
kernel-image-rpi-def	p9	5.10.50-alt1	5.10.81-alt1	ALT-PU-2021-2307-1	279906	Fixed
kernel-image-rpi-def	p11	5.10.50-alt1	5.15.92-alt2	ALT-PU-2021-2293-1	279852	Fixed
kernel-image-rpi-un	sisyphus	5.12.17-alt1	6.6.23-alt1	ALT-PU-2021-2315-1	280530	Fixed
kernel-image-rpi-un	p10	5.12.17-alt1	6.1.77-alt1	ALT-PU-2021-2326-1	280547	Fixed
kernel-image-rpi-un	p9	5.12.17-alt1	5.12.17-alt1	ALT-PU-2021-2330-1	280546	Fixed
kernel-image-rpi-un	p11	5.12.17-alt1	6.6.23-alt1	ALT-PU-2021-2315-1	280530	Fixed
kernel-image-rt	sisyphus	5.10.47-alt1.rt45	6.1.92-alt1.rt32	ALT-PU-2021-2165-1	277492	Fixed
kernel-image-rt	p10	5.10.47-alt1.rt45	5.10.218-alt1.rt110	ALT-PU-2021-2165-1	277492	Fixed
kernel-image-rt	c9f2	4.19.199-alt1.rt86	4.19.199-alt2.rt86	ALT-PU-2021-2671-1	283461	Fixed
kernel-image-rt	p11	5.10.47-alt1.rt45	6.1.90-alt2.rt30	ALT-PU-2021-2165-1	277492	Fixed
kernel-image-std-debug	sisyphus	5.10.54-alt1	6.1.94-alt1	ALT-PU-2021-2370-1	281272	Fixed
kernel-image-std-debug	p11	5.10.54-alt1	6.1.91-alt1	ALT-PU-2021-2370-1	281272	Fixed
kernel-image-std-def	sisyphus	5.10.42-alt1	6.1.94-alt1	ALT-PU-2021-1917-1	273495	Fixed
kernel-image-std-def	p10	5.10.42-alt1	5.10.218-alt1	ALT-PU-2021-1917-1	273495	Fixed
kernel-image-std-def	p9	5.4.124-alt1	5.4.277-alt1	ALT-PU-2021-1948-1	273491	Fixed
kernel-image-std-def	p8	4.9.271-alt0.M80P.1	4.9.337-alt0.M80P.1	ALT-PU-2021-1951-1	273502	Fixed
kernel-image-std-def	c9f2	5.10.42-alt0.c9f	5.10.214-alt0.c9f.2	ALT-PU-2021-1961-1	273497	Fixed
kernel-image-std-def	c7	4.4.277-alt0.M70C.1	4.4.277-alt0.M70C.1	ALT-PU-2021-3033-1	281293	Fixed
kernel-image-std-def	p11	5.10.42-alt1	6.1.91-alt1	ALT-PU-2021-1917-1	273495	Fixed
kernel-image-std-kvm	sisyphus	5.10.42-alt1	5.10.176-alt1	ALT-PU-2021-1920-1	273546	Fixed
kernel-image-std-kvm	p10	5.10.42-alt1	5.10.42-alt1	ALT-PU-2021-1920-1	273546	Fixed
kernel-image-std-kvm	p11	5.10.42-alt1	5.10.176-alt1	ALT-PU-2021-1920-1	273546	Fixed
kernel-image-un-def	sisyphus	4.5.0-alt1	6.6.34-alt1	ALT-PU-2016-1262-1	161431	Fixed
kernel-image-un-def	sisyphus_riscv64	5.19.16-alt2.rv64	6.6.32-alt1.0.port	ALT-PU-2022-6777-1	-	Fixed
kernel-image-un-def	p10	4.5.0-alt1	6.1.90-alt1	ALT-PU-2016-1262-1	161431	Fixed
kernel-image-un-def	p9	5.7.0-alt1	5.10.218-alt1	ALT-PU-2020-2164-1	252789	Fixed
kernel-image-un-def	p8	4.13.7-alt0.M80P.1	4.19.310-alt0.M80P.1	ALT-PU-2017-2470-1	188636	Fixed
kernel-image-un-def	c10f1	4.5.0-alt1	6.1.85-alt0.c10f.1	ALT-PU-2016-1262-1	161431	Fixed
kernel-image-un-def	c9f2	5.7.0-alt1	5.10.29-alt2	ALT-PU-2020-2164-1	252789	Fixed
kernel-image-un-def	c7	4.9.277-alt0.M70C.1	4.9.277-alt0.M70C.1	ALT-PU-2021-3032-1	281292	Fixed
kernel-image-un-def	p11	4.5.0-alt1	6.6.31-alt1	ALT-PU-2016-1262-1	161431	Fixed
kernel-image-xenomai	p10	4.19.229-alt1.cip67.21	4.19.252-alt1.cip78.23	ALT-PU-2022-2096-1	301830	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://www.fragattacks.com	Product
https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md	Third Party Advisory
[oss-security] 20210511 various 802.11 security issues - fragattacks.com	Mailing List Patch Third Party Advisory
[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update	Mailing List Third Party Advisory
[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update	Mailing List Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf	Third Party Advisory
20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021	Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63	Third Party Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.4
  End excliding
  4.4.271
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.9
  End excliding
  4.9.271
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.14
  End excliding
  4.14.235
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.19
  End excliding
  4.19.193
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  5.4
  End excliding
  5.4.124
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  5.10
  End excliding
  5.10.42
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  5.12
  End excliding
  5.12.9
  
  Configuration 2
  cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:o:arista:c-75_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:arista:c-75:-:*:*:*:*:*:*:*
  
  Configuration 4
  cpe:2.3:o:arista:o-90_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:arista:o-90:-:*:*:*:*:*:*:*
  
  Configuration 5
  cpe:2.3:o:arista:c-65_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:arista:c-65:-:*:*:*:*:*:*:*
  
  Configuration 6
  cpe:2.3:o:arista:w-68_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:arista:w-68:-:*:*:*:*:*:*:*
  
  Configuration 7
  cpe:2.3:o:siemens:scalance_w700_ieee_802.11n_firmware:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:siemens:scalance_w700_ieee_802.11n:-:*:*:*:*:*:*:*
  
  Configuration 8
  cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:siemens:scalance_w1700_ieee_802.11ac:-:*:*:*:*:*:*:*

Version: v24.5.3

Vulnerability CVE-2020-26147: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Configuration 6

Configuration 7

Configuration 8