CVE-2020-26139 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Insufficient validation
Description	An issue was discovered in the Linux kernel before version 5.12.9. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.

Group	Package	Affected	Fixed	Severity	Status
AVG-2034	linux-lts	5.10.41-1	5.10.42-1	Medium	Fixed
AVG-2033	linux-hardened	5.12.7.hardened1-1	5.12.9.hardened1-1	Medium	Fixed
AVG-2032	linux-zen	5.12.8.zen1-1	5.12.9.zen1-1	Medium	Fixed
AVG-2031	linux	5.12.8.arch1-1	5.12.9.arch1-1	Medium	Fixed

References
https://www.openwall.com/lists/oss-security/2021/05/11/12 https://papers.mathyvanhoef.com/usenix2021.pdf https://www.fragattacks.com/ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.9&id=a98c4c030cfb69c6ec3d1b951a904b80fea90d8a https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.42&id=2b9b07b9a06fab16bda3d33da3be70fe33bd95cb

References

https://www.openwall.com/lists/oss-security/2021/05/11/12
https://papers.mathyvanhoef.com/usenix2021.pdf
https://www.fragattacks.com/
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.9&id=a98c4c030cfb69c6ec3d1b951a904b80fea90d8a
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.42&id=2b9b07b9a06fab16bda3d33da3be70fe33bd95cb