CVE-2020-26141 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Insufficient validation
Description	An issue was discovered in the Linux kernel before version 5.12.9. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.

Group	Package	Affected	Fixed	Severity	Status
AVG-2034	linux-lts	5.10.41-1	5.10.42-1	Medium	Fixed
AVG-2033	linux-hardened	5.12.7.hardened1-1	5.12.9.hardened1-1	Medium	Fixed
AVG-2032	linux-zen	5.12.8.zen1-1	5.12.9.zen1-1	Medium	Fixed
AVG-2031	linux	5.12.8.arch1-1	5.12.9.arch1-1	Medium	Fixed

References
https://www.openwall.com/lists/oss-security/2021/05/11/12 https://papers.mathyvanhoef.com/usenix2021.pdf https://www.fragattacks.com/ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.9&id=a15a0151da2134545d5016ea068a39f96d1272f5 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.42&id=6643b21aee1c3cac10da9dfb0fa17aacc431fa91

References

https://www.openwall.com/lists/oss-security/2021/05/11/12
https://papers.mathyvanhoef.com/usenix2021.pdf
https://www.fragattacks.com/
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.9&id=a15a0151da2134545d5016ea068a39f96d1272f5
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.42&id=6643b21aee1c3cac10da9dfb0fa17aacc431fa91