CVE-2020-26145

Severity Medium
Remote Yes
Type Insufficient validation
Description
An issue was discovered in the Linux kernel before version 5.12.9. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
Group     Package         Affected            Fixed               Severity  Status  Ticket
AVG-2034  linux-lts       5.10.41-1           5.10.42-1           Medium    Fixed
AVG-2033  linux-hardened  5.12.7.hardened1-1  5.12.9.hardened1-1  Medium    Fixed
AVG-2032  linux-zen       5.12.8.zen1-1       5.12.9.zen1-1       Medium    Fixed
AVG-2031  linux           5.12.8.arch1-1      5.12.9.arch1-1      Medium    Fixed
References
https://www.openwall.com/lists/oss-security/2021/05/11/12
https://papers.mathyvanhoef.com/usenix2021.pdf
https://www.fragattacks.com/
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.9&id=75ba7513a5ad9cd1a89c3d8f520e86a4c0f8457e
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.9&id=24a5e05f631d160cd29288454e1e2831ee6caa6a
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.42&id=b1b3dcd653772f93b69be50263a0ca50d7c9e77f
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.42&id=425cee63609137fa0c8f84f59f0dd0e94f296efe