Vulnerability CVE-2020-26145: Information

Description

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-26145
Published: May 11, 2021
Modified: May 13, 2022
Error type identifier: CWE-20

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-std-debugsisyphus5.10.54-alt16.1.87-alt1ALT-PU-2021-2370-1281272Fixed
kernel-image-std-defsisyphus5.10.42-alt16.1.87-alt1ALT-PU-2021-1917-1273495Fixed
kernel-image-std-defp105.10.42-alt15.10.213-alt1ALT-PU-2021-1917-1273495Fixed
kernel-image-std-defp95.4.124-alt15.4.274-alt1ALT-PU-2021-1948-1273491Fixed
kernel-image-std-defc9f25.10.42-alt0.c9f5.10.214-alt0.c9f.2ALT-PU-2021-1961-1273497Fixed
kernel-image-un-defsisyphus5.12.10-alt16.6.28-alt1ALT-PU-2021-1990-1274393Fixed
kernel-image-un-defsisyphus_riscv645.19.16-alt2.rv646.6.28-alt1.0.portALT-PU-2022-6777-1-Fixed
kernel-image-un-defp105.12.10-alt16.1.85-alt1ALT-PU-2021-1990-1274393Fixed
kernel-image-un-defp95.10.42-alt15.10.215-alt1ALT-PU-2021-1946-1273498Fixed
kernel-image-un-defc10f15.12.10-alt16.1.85-alt0.c10f.1ALT-PU-2021-1990-1274393Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.fragattacks.com
  • Third Party Advisory
https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md
  • Third Party Advisory
[oss-security] 20210511 various 802.11 security issues - fragattacks.com
  • Mailing List
  • Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf
  • Patch
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:o:samsung:galaxy_i9305_firmware:4.4.4:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:samsung:galaxy_i9305:-:*:*:*:*:*:*:*

      Configuration 2

      cpe:2.3:o:siemens:6gk5763-1al00-7da0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5763-1al00-7da0:-:*:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:o:siemens:6gk5766-1ge00-7da0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5766-1ge00-7da0:-:*:*:*:*:*:*:*

      Configuration 4

      cpe:2.3:o:siemens:6gk5766-1ge00-7db0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5766-1ge00-7db0:-:*:*:*:*:*:*:*

      Configuration 5

      cpe:2.3:o:siemens:6gk5766-1je00-7da0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5766-1je00-7da0:-:*:*:*:*:*:*:*

      Configuration 6

      cpe:2.3:o:siemens:6gk5766-1ge00-7ta0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5766-1ge00-7ta0:-:*:*:*:*:*:*:*

      Configuration 7

      cpe:2.3:o:siemens:6gk5766-1ge00-7tb0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5766-1ge00-7tb0:-:*:*:*:*:*:*:*

      Configuration 8

      cpe:2.3:o:siemens:6gk5766-1je00-7ta0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5766-1je00-7ta0:-:*:*:*:*:*:*:*

      Configuration 9

      cpe:2.3:o:siemens:6gk5763-1al00-3aa0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5763-1al00-3aa0:-:*:*:*:*:*:*:*

      Configuration 10

      cpe:2.3:o:siemens:6gk5763-1al00-3da0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5763-1al00-3da0:-:*:*:*:*:*:*:*

      Configuration 11

      cpe:2.3:o:siemens:6gk5766-1ge00-3da0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5766-1ge00-3da0:-:*:*:*:*:*:*:*

      Configuration 12

      cpe:2.3:o:siemens:6gk5766-1ge00-3db0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5766-1ge00-3db0:-:*:*:*:*:*:*:*

      Configuration 13

      cpe:2.3:o:siemens:6gk5766-1je00-3da0_firmware:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:h:siemens:6gk5766-1je00-3da0:-:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top