CVE-2020-26147

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.

Severity	MEDIUM
CVSS	5.4
CWE	NVD-CWE-Other
KEV
Published	5 years ago
Modified	1 month ago

Related Products

Product	Advisory	Evidence
Cisco Webex Room Phone	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco TelePresence Endpoint Software (TC/CE)	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco TelePresence	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco IP phone	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco IP Phones with Multiplatform Firmware	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco Business Wireless Access Point Software	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco Aironet Access Point Software (IOS XE Controller)	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln
Cisco Aironet Access Point Software	cisco-sa-wifi-faf-22epcEWu	Cisco OpenVuln