Vulnerability-Lookup

BDU:2021-03176

Vulnerability from fstec - Published: 11.05.2021

Title

Уязвимость реализации алгоритмов WEP, WPA, WPA2 и WPA3 ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

Description

Уязвимость реализации алгоритмов WEP, WPA, WPA2 и WPA3 ядра операционной системы Linux существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, оказать воздействие на целостность защищаемой информации при помощи специально сформированных фрагментированных кадров, зашифрованных с использованием WEP, CCMP или GCMP

Severity ?


                    
                      AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Vendor

Cisco Systems Inc., Samsung Electronics, Сообщество свободного программного обеспечения

Software Name

Cisco Aironet 1560, Cisco IP Conference Phone 8832, Cisco IP Phone 8861, Cisco IP Phone 8865, Cisco IP Phone 8861 Running Third-Party Call Control (3PCC) Software, Cisco IP Phone 8821, Webex Room, Webex Desk, Webex Board, Webex Wireless Phone 860, Webex Wireless Phone 840, Cisco Aironet 2800, Cisco Aironet 3800, Cisco Aironet 4800, Catalyst IW 6300, Aironet 1542, Aironet 1810, Aironet 1815, Aironet 1832, Aironet 1842, Aironet 1852, Aironet 1800i, Catalyst 9117, Catalyst 9124, Catalyst 9130, Samsung Galaxy S3, Linux

Software Version

8.9 (Cisco Aironet 1560), 12.8(1)SR1 (Cisco IP Conference Phone 8832), 12.8(1)SR1 (Cisco IP Phone 8861), 12.8(1)SR1 (Cisco IP Phone 8865), 11.3(4) (Cisco IP Phone 8861 Running Third-Party Call Control (3PCC) Software), 11.0(6)SR1 (Cisco IP Phone 8821), 9.15.2-RoomOS_March_2021 (Webex Room), 10.2.1-RoomOS_March_2021 (Webex Room), 9.15.0.11 (Webex Desk), 10.3.1-RoomOS_April_2021 (Webex Board), 1.1(0) (Webex Wireless Phone 860), 1.1(0) (Webex Wireless Phone 840), ap-17.3.4.15 (Cisco Aironet 1560), 8.5(178.9) (Cisco Aironet 2800), ap-17.3.4.15 (Cisco Aironet 2800), ap-17.3.4.15 (Cisco Aironet 3800), 8.5(178.9) (Cisco Aironet 3800), 8.5(178.9) (Cisco Aironet 4800), ap-17.3.4.15 (Cisco Aironet 4800), ap-17.3.4.15 (Catalyst IW 6300), 8.5(178.9) (Catalyst IW 6300), ap-17.6.0.31 (Aironet 1542), ap-17.6.0.31 (Aironet 1810), ap-17.6.0.31 (Aironet 1815), ap-17.6.0.31 (Aironet 1832), ap-17.6.0.31 (Aironet 1842), ap-17.6.0.31 (Aironet 1852), ap-17.6.0.31 (Aironet 1800i), ap-17.6.0.31 (Catalyst 9117), ap-17.6.0.31 (Catalyst 9124), ap-17.6.0.31 (Catalyst 9130), i9305 4.4.4 (Samsung Galaxy S3), от 4.0 до 4.4.270 включительно (Linux), от 4.5 до 4.9.270 включительно (Linux), от 4.10 до 4.14.234 включительно (Linux), от 4.20 до 5.4.123 включительно (Linux), от 5.5 до 5.10.41 включительно (Linux), от 4.15 до 4.19.192 включительно (Linux), от 5.11 до 5.12.8 включительно (Linux)

Possible Mitigations

Использование рекомендаций: Для Linux: https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.235 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.193 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.271 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.271 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.42 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.9 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.124 Для программных продуктов Cisco Systems Inc.: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu

Reference

https://access.redhat.com/security/cve/cve-2020-26146 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26146 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.235 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.193 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.271 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.271 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.42 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.9 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.124 https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/ https://nvd.nist.gov/vuln/detail/CVE-2020-26146 https://papers.mathyvanhoef.com/usenix2021.pdf https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu https://www.cve.org/CVERecord?id=CVE-2020-26146

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
  "CVSS 3.0": "AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc., Samsung Electronics, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "8.9 (Cisco Aironet 1560), 12.8(1)SR1 (Cisco IP Conference Phone 8832), 12.8(1)SR1 (Cisco IP Phone 8861), 12.8(1)SR1 (Cisco IP Phone 8865), 11.3(4) (Cisco IP Phone 8861 Running Third-Party Call Control (3PCC) Software), 11.0(6)SR1 (Cisco IP Phone 8821), 9.15.2-RoomOS_March_2021 (Webex Room), 10.2.1-RoomOS_March_2021 (Webex Room), 9.15.0.11 (Webex Desk), 10.3.1-RoomOS_April_2021 (Webex Board), 1.1(0) (Webex Wireless Phone 860), 1.1(0) (Webex Wireless Phone 840), ap-17.3.4.15 (Cisco Aironet 1560), 8.5(178.9) (Cisco Aironet 2800), ap-17.3.4.15 (Cisco Aironet 2800), ap-17.3.4.15 (Cisco Aironet 3800), 8.5(178.9) (Cisco Aironet 3800), 8.5(178.9) (Cisco Aironet 4800), ap-17.3.4.15 (Cisco Aironet 4800), ap-17.3.4.15 (Catalyst IW 6300), 8.5(178.9) (Catalyst IW 6300), ap-17.6.0.31 (Aironet 1542), ap-17.6.0.31 (Aironet 1810), ap-17.6.0.31 (Aironet 1815), ap-17.6.0.31 (Aironet 1832), ap-17.6.0.31 (Aironet 1842), ap-17.6.0.31 (Aironet 1852), ap-17.6.0.31 (Aironet 1800i), ap-17.6.0.31 (Catalyst 9117), ap-17.6.0.31 (Catalyst 9124), ap-17.6.0.31 (Catalyst 9130), i9305 4.4.4 (Samsung Galaxy S3), \u043e\u0442 4.0 \u0434\u043e 4.4.270 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.5 \u0434\u043e 4.9.270 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.10 \u0434\u043e 4.14.234 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.20 \u0434\u043e 5.4.123 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.41 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.192 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.12.8 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.235\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.193\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.271\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.271\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.42\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.9\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.124\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Cisco Systems Inc.:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.05.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.06.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "23.06.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-03176",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-26146",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco Aironet 1560, Cisco IP Conference Phone 8832, Cisco IP Phone 8861, Cisco IP Phone 8865, Cisco IP Phone 8861 Running Third-Party Call Control (3PCC) Software, Cisco IP Phone 8821, Webex Room, Webex Desk, Webex Board, Webex Wireless Phone 860, Webex Wireless Phone 840, Cisco Aironet 2800, Cisco Aironet 3800, Cisco Aironet 4800, Catalyst IW 6300, Aironet 1542, Aironet 1810, Aironet 1815, Aironet 1832, Aironet 1842, Aironet 1852, Aironet 1800i, Catalyst 9117, Catalyst 9124, Catalyst 9130, Samsung Galaxy S3, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u0432 WEP, WPA, WPA2 \u0438 WPA3 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u0432 WEP, WPA, WPA2 \u0438 WPA3 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u0430\u0434\u0440\u043e\u0432, \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c WEP, CCMP \u0438\u043b\u0438 GCMP",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/cve-2020-26146\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26146\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.235\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.193\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.271\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.271\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.42\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.9\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.124\nhttps://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-26146\nhttps://papers.mathyvanhoef.com/usenix2021.pdf\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu\nhttps://www.cve.org/CVERecord?id=CVE-2020-26146",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434, \u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 2,9)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,3)"
}

CVE-2020-26146 (GCVE-0-2020-26146)

Vulnerability from cvelistv5 – Published: 2021-05-11 19:39 – Updated: 2024-08-04 15:49

Summary

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://www.fragattacks.com	x_refsource_MISC
	https://github.com/vanhoefm/fragattacks/blob/mast…	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2021/0…	mailing-listx_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://www.arista.com/en/support/advisories-noti…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:49:07.202Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.fragattacks.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
          },
          {
            "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-28T14:28:30.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.fragattacks.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
        },
        {
          "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-26146",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
            },
            {
              "name": "https://www.fragattacks.com",
              "refsource": "MISC",
              "url": "https://www.fragattacks.com"
            },
            {
              "name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
              "refsource": "MISC",
              "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
            },
            {
              "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
            },
            {
              "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
              "refsource": "MISC",
              "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-26146",
    "datePublished": "2021-05-11T19:39:07.000Z",
    "dateReserved": "2020-09-29T00:00:00.000Z",
    "dateUpdated": "2024-08-04T15:49:07.202Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2021-03176

CVE-2020-26146 (GCVE-0-2020-26146)

Tags

Sightings

Nomenclature