First published: Tue May 11 2021
A vulnerability was found in the Linux kernel, where the WiFi implementation reassembles fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.
Credit: cve@mitre.org
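The reassembly condition the description refers to, as an added example in C (not the kernel's code or any vendor's patch): fragments of one frame are accepted only when their CCMP/GCMP packet numbers increase by exactly one. The `struct frag` layout, the function names and the sample values are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define PN_MAX 0xFFFFFFFFFFFFULL /* CCMP/GCMP packet numbers are 48 bits */

/* Simplified, constructed view of one received fragment (not a kernel struct). */
struct frag {
    uint16_t seq;        /* sequence number, identical for all fragments of a frame */
    uint8_t  frag_no;    /* fragment number, counts up from 0 */
    bool     more_frags; /* More Fragments bit from Frame Control */
    uint8_t  hdr[8];     /* CCMP/GCMP header: PN0 PN1 rsvd keyid PN2 PN3 PN4 PN5 */
};

enum verdict { FRAG_OK, FRAG_BAD_SEQUENCE, FRAG_BAD_PN, FRAG_INCOMPLETE };

/* Assemble the 48-bit PN; PN0 is the least significant octet. */
static uint64_t frag_pn(const struct frag *f)
{
    return (uint64_t)f->hdr[0]       | (uint64_t)f->hdr[1] << 8  |
           (uint64_t)f->hdr[4] << 16 | (uint64_t)f->hdr[5] << 24 |
           (uint64_t)f->hdr[6] << 32 | (uint64_t)f->hdr[7] << 40;
}

/* Decide whether n buffered fragments may be reassembled into one frame. */
static enum verdict check_reassembly(const struct frag *f, size_t n)
{
    if (n == 0)
        return FRAG_INCOMPLETE;
    for (size_t i = 0; i < n; i++) {
        if (f[i].seq != f[0].seq || f[i].frag_no != i)
            return FRAG_BAD_SEQUENCE;
        /* Consecutive-PN check: each PN must be exactly previous + 1. */
        if (i > 0 && (frag_pn(&f[i - 1]) == PN_MAX ||
                      frag_pn(&f[i]) != frag_pn(&f[i - 1]) + 1))
            return FRAG_BAD_PN;
        /* Only the final fragment may have More Fragments cleared. */
        if (f[i].more_frags != (i + 1 < n))
            return i + 1 < n ? FRAG_BAD_SEQUENCE : FRAG_INCOMPLETE;
    }
    return FRAG_OK;
}

/* Constructed sample: PNs 0x10 and 0x12 skip a value, so it is rejected. */
int main(void)
{
    struct frag mixed[2] = {{7, 0, true,  {0x10, 0, 0, 0x20, 0, 0, 0, 0}},
                            {7, 1, false, {0x12, 0, 0, 0x20, 0, 0, 0, 0}}};
    return check_reassembly(mixed, 2) == FRAG_BAD_PN ? 0 : 1;
}
```

A receiver that skips the packet-number comparison would return `FRAG_OK` for the constructed sample, which is the behaviour the description above attributes to affected implementations.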
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:4.18.0-348.rt7.130.el8 | 0:4.18.0-348.rt7.130.el8 |
redhat/kernel | <0:4.18.0-348.el8 | 0:4.18.0-348.el8 |
Samsung Galaxy I9305 Firmware | =4.4.4 | |
Samsung Galaxy I9305 | ||
Arista C-250 Firmware | <10.0.1-31 | |
Arista C-250 | ||
Arista C-260 Firmware | <10.0.1-31 | |
Arista C-260 | ||
Arista C-230 Firmware | <10.0.1-31 | |
Arista C-230 | ||
Arista C-235 Firmware | <10.0.1-31 | |
Arista C-235 | ||
Arista C-200 Firmware | <11.0.0-36 | |
Arista C-200 | ||
Arista C-120 Firmware | <11.0.0-36 | |
Arista C-120 | ||
Arista C-130 Firmware | <11.0.0-36 | |
Arista C-130 | ||
Arista C-100 Firmware | <11.0.0-36 | |
Arista C-100 | ||
Arista C-110 Firmware | <11.0.0-36 | |
Arista C-110 | ||
Arista O-105 Firmware | <11.0.0-36 | |
Arista O-105 | ||
Arista W-118 Firmware | <11.0.0-36 | |
Arista W-118 | ||
Arista C-75 Firmware | ||
Arista C-75 | ||
Arista O-90 Firmware | ||
Arista O-90 | ||
Arista C-65 Firmware | ||
Arista C-65 | ||
Arista W-68 Firmware | ||
Arista W-68 | ||
Siemens SCALANCE W700 IEEE 802.11n Firmware | ||
Siemens SCALANCE W700 IEEE 802.11n | ||
Siemens SCALANCE W1700 IEEE 802.11ac Firmware | ||
Siemens SCALANCE W1700 IEEE 802.11ac | ||
Siemens SCALANCE W1750D Firmware | <8.7.1.3 | |
Siemens SCALANCE W1750D | ||
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
The vulnerability ID for this issue is CVE-2020-26146.
The severity of CVE-2020-26146 is high with a severity value of 5.3.
The Samsung Galaxy S3 i9305 with firmware version 4.4.4 is affected by CVE-2020-26146.
An adversary can exploit CVE-2020-26146 by abusing the WiFi implementation to exfiltrate selected fragments.
More information about CVE-2020-26146 is available in the following references: [Reference 1](https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/), [Reference 2](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1960503), [Reference 3](https://access.redhat.com/errata/RHSA-2021:4140)