Уязвимость CVE-2020-26145: Информация
Описание
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
Важность: MEDIUM (6,5) Вектор: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Исправленные пакеты
Имя пакета | Ветка | Исправлено в версии | Версия в репозитории | Errata ID | № Задания | Состояние |
|---|---|---|---|---|---|---|
| kernel-image-std-debug | sisyphus | 5.10.54-alt1 | 6.1.89-alt1 | ALT-PU-2021-2370-1 | 281272 | Исправлено |
| kernel-image-std-def | sisyphus | 5.10.42-alt1 | 6.1.89-alt1 | ALT-PU-2021-1917-1 | 273495 | Исправлено |
| kernel-image-std-def | p10 | 5.10.42-alt1 | 5.10.213-alt1 | ALT-PU-2021-1917-1 | 273495 | Исправлено |
| kernel-image-std-def | p9 | 5.4.124-alt1 | 5.4.274-alt1 | ALT-PU-2021-1948-1 | 273491 | Исправлено |
| kernel-image-std-def | c9f2 | 5.10.42-alt0.c9f | 5.10.214-alt0.c9f.2 | ALT-PU-2021-1961-1 | 273497 | Исправлено |
| kernel-image-un-def | sisyphus | 5.12.10-alt1 | 6.6.29-alt1 | ALT-PU-2021-1990-1 | 274393 | Исправлено |
| kernel-image-un-def | sisyphus_riscv64 | 5.19.16-alt2.rv64 | 6.6.28-alt1.0.port | ALT-PU-2022-6777-1 | - | Исправлено |
| kernel-image-un-def | p10 | 5.12.10-alt1 | 6.1.85-alt1 | ALT-PU-2021-1990-1 | 274393 | Исправлено |
| kernel-image-un-def | p9 | 5.10.42-alt1 | 5.10.215-alt1 | ALT-PU-2021-1946-1 | 273498 | Исправлено |
| kernel-image-un-def | c10f1 | 5.12.10-alt1 | 6.1.85-alt0.c10f.1 | ALT-PU-2021-1990-1 | 274393 | Исправлено |
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
|---|---|
| https://www.fragattacks.com |
|
| https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md |
|
| [oss-security] 20210511 various 802.11 security issues - fragattacks.com |
|
| https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf |
|