CVE-2020-26147
Published: 11 May 2021
Summary
CVE-2020-26147 is a medium-severity an unspecified weakness vulnerability in Linux Linux Kernel. Its CVSS base score is 5.4 (Medium).
Operationally, ranked at the 32.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-18774
Vulnerability details
An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when…
more
another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.