CVE-2020-26142 - log back

CVE-2020-26142 edited at 03 Jun 2021 13:41:16
Description
- A security issue has been found in the IEEE 802.11 implementation (mac80211) of the Linux kernel. Fragmented frames are processed as full frames.
+ An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
References
https://www.openwall.com/lists/oss-security/2021/05/11/12
https://papers.mathyvanhoef.com/usenix2021.pdf
https://www.fragattacks.com/
- https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
CVE-2020-26142 edited at 11 May 2021 18:58:24
Description
- A security issue has been found in the ath10k and ath11k wireless drivers of the Linux kernel. Fragmented frames are processed as full frames.
+ A security issue has been found in the IEEE 802.11 implementation (mac80211) of the Linux kernel. Fragmented frames are processed as full frames.
References
https://www.openwall.com/lists/oss-security/2021/05/11/12
https://papers.mathyvanhoef.com/usenix2021.pdf
https://www.fragattacks.com/
https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
CVE-2020-26142 edited at 11 May 2021 18:48:12
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Insufficient validation
Description
+ A security issue has been found in the ath10k and ath11k wireless drivers of the Linux kernel. Fragmented frames are processed as full frames.
References
+ https://www.openwall.com/lists/oss-security/2021/05/11/12
+ https://papers.mathyvanhoef.com/usenix2021.pdf
+ https://www.fragattacks.com/
+ https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
CVE-2020-26142 created at 11 May 2021 18:39:39
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes