CVE-2020-24588 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Insufficient validation |
Description | The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2034 | linux-lts | 5.10.41-1 | 5.10.42-1 | Medium | Fixed | |
AVG-2033 | linux-hardened | 5.12.7.hardened1-1 | 5.12.9.hardened1-1 | Medium | Fixed | |
AVG-2032 | linux-zen | 5.12.8.zen1-1 | 5.12.9.zen1-1 | Medium | Fixed | |
AVG-2031 | linux | 5.12.8.arch1-1 | 5.12.9.arch1-1 | Medium | Fixed |