// For flags

CVE-2020-24586

kernel: Fragmentation cache not cleared on reconnection

Severity Score

3.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.

El estándar 802.11 que sustenta a Wi-Fi Protected Access (WPA, WPA2, y WPA3) y Wired Equivalent Privacy (WEP) no requiere que los fragmentos recibidos se borren de la memoria después de (re)conectarse a una red. En las circunstancias adecuadas, cuando otro dispositivo envía tramas fragmentadas cifradas mediante WEP, CCMP o GCMP, se puede abusar de esto para inyectar paquetes de red arbitrarios y/o exfiltrar datos del usuario

A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device.

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Attack Vector
Adjacent
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-08-21 CVE Reserved
  • 2021-05-11 CVE Published
  • 2024-07-12 EPSS Updated
  • 2024-08-04 CVE Updated
  • 2024-08-04 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Arista
Search vendor "Arista"
C-250 Firmware
Search vendor "Arista" for product "C-250 Firmware"
< 10.0.1-31
Search vendor "Arista" for product "C-250 Firmware" and version " < 10.0.1-31"
-
Affected
in Arista
Search vendor "Arista"
C-250
Search vendor "Arista" for product "C-250"
--
Safe
Arista
Search vendor "Arista"
C-260 Firmware
Search vendor "Arista" for product "C-260 Firmware"
< 10.0.1-31
Search vendor "Arista" for product "C-260 Firmware" and version " < 10.0.1-31"
-
Affected
in Arista
Search vendor "Arista"
C-260
Search vendor "Arista" for product "C-260"
--
Safe
Arista
Search vendor "Arista"
C-230 Firmware
Search vendor "Arista" for product "C-230 Firmware"
< 10.0.1-31
Search vendor "Arista" for product "C-230 Firmware" and version " < 10.0.1-31"
-
Affected
in Arista
Search vendor "Arista"
C-230
Search vendor "Arista" for product "C-230"
--
Safe
Arista
Search vendor "Arista"
C-235 Firmware
Search vendor "Arista" for product "C-235 Firmware"
< 10.0.1-31
Search vendor "Arista" for product "C-235 Firmware" and version " < 10.0.1-31"
-
Affected
in Arista
Search vendor "Arista"
C-235
Search vendor "Arista" for product "C-235"
--
Safe
Arista
Search vendor "Arista"
C-200 Firmware
Search vendor "Arista" for product "C-200 Firmware"
< 11.0.0-36
Search vendor "Arista" for product "C-200 Firmware" and version " < 11.0.0-36"
-
Affected
in Arista
Search vendor "Arista"
C-200
Search vendor "Arista" for product "C-200"
--
Safe
Intel
Search vendor "Intel"
Ax210 Firmware
Search vendor "Intel" for product "Ax210 Firmware"
< 22.30.0.11
Search vendor "Intel" for product "Ax210 Firmware" and version " < 22.30.0.11"
-
Affected
in Intel
Search vendor "Intel"
Ax210
Search vendor "Intel" for product "Ax210"
--
Safe
Intel
Search vendor "Intel"
Ax201 Firmware
Search vendor "Intel" for product "Ax201 Firmware"
< 22.30.0.11
Search vendor "Intel" for product "Ax201 Firmware" and version " < 22.30.0.11"
-
Affected
in Intel
Search vendor "Intel"
Ax201
Search vendor "Intel" for product "Ax201"
--
Safe
Intel
Search vendor "Intel"
Ax200 Firmware
Search vendor "Intel" for product "Ax200 Firmware"
< 22.30.0.11
Search vendor "Intel" for product "Ax200 Firmware" and version " < 22.30.0.11"
-
Affected
in Intel
Search vendor "Intel"
Ax200
Search vendor "Intel" for product "Ax200"
--
Safe
Intel
Search vendor "Intel"
Ac 9560 Firmware
Search vendor "Intel" for product "Ac 9560 Firmware"
< 22.30.0.11
Search vendor "Intel" for product "Ac 9560 Firmware" and version " < 22.30.0.11"
-
Affected
in Intel
Search vendor "Intel"
Ac 9560
Search vendor "Intel" for product "Ac 9560"
--
Safe
Intel
Search vendor "Intel"
Ac 9462 Firmware
Search vendor "Intel" for product "Ac 9462 Firmware"
< 22.30.0.11
Search vendor "Intel" for product "Ac 9462 Firmware" and version " < 22.30.0.11"
-
Affected
in Intel
Search vendor "Intel"
Ac 9462
Search vendor "Intel" for product "Ac 9462"
--
Safe
Intel
Search vendor "Intel"
Ac 9461 Firmware
Search vendor "Intel" for product "Ac 9461 Firmware"
< 22.30.0.11
Search vendor "Intel" for product "Ac 9461 Firmware" and version " < 22.30.0.11"
-
Affected
in Intel
Search vendor "Intel"
Ac 9461
Search vendor "Intel" for product "Ac 9461"
--
Safe
Intel
Search vendor "Intel"
Ac 9260 Firmware
Search vendor "Intel" for product "Ac 9260 Firmware"
< 22.30.0.11
Search vendor "Intel" for product "Ac 9260 Firmware" and version " < 22.30.0.11"
-
Affected
in Intel
Search vendor "Intel"
Ac 9260
Search vendor "Intel" for product "Ac 9260"
--
Safe
Intel
Search vendor "Intel"
Ac 8265 Firmware
Search vendor "Intel" for product "Ac 8265 Firmware"
< 20.70.21.2
Search vendor "Intel" for product "Ac 8265 Firmware" and version " < 20.70.21.2"
-
Affected
in Intel
Search vendor "Intel"
Ac 8265
Search vendor "Intel" for product "Ac 8265"
--
Safe
Intel
Search vendor "Intel"
Ac 8260 Firmware
Search vendor "Intel" for product "Ac 8260 Firmware"
< 20.70.21.2
Search vendor "Intel" for product "Ac 8260 Firmware" and version " < 20.70.21.2"
-
Affected
in Intel
Search vendor "Intel"
Ac 8260
Search vendor "Intel" for product "Ac 8260"
--
Safe
Intel
Search vendor "Intel"
Ac 3168 Firmware
Search vendor "Intel" for product "Ac 3168 Firmware"
< 19.51.33.1
Search vendor "Intel" for product "Ac 3168 Firmware" and version " < 19.51.33.1"
-
Affected
in Intel
Search vendor "Intel"
Ac 3168
Search vendor "Intel" for product "Ac 3168"
--
Safe
Intel
Search vendor "Intel"
Ac 7265 Firmware
Search vendor "Intel" for product "Ac 7265 Firmware"
< 19.51.33.1
Search vendor "Intel" for product "Ac 7265 Firmware" and version " < 19.51.33.1"
-
Affected
in Intel
Search vendor "Intel"
Ac 7265
Search vendor "Intel" for product "Ac 7265"
--
Safe
Intel
Search vendor "Intel"
Ac 3165 Firmware
Search vendor "Intel" for product "Ac 3165 Firmware"
< 19.51.33.1
Search vendor "Intel" for product "Ac 3165 Firmware" and version " < 19.51.33.1"
-
Affected
in Intel
Search vendor "Intel"
Ac 3165
Search vendor "Intel" for product "Ac 3165"
--
Safe
Intel
Search vendor "Intel"
Ax1675 Firmware
Search vendor "Intel" for product "Ax1675 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ax1675
Search vendor "Intel" for product "Ax1675"
--
Safe
Intel
Search vendor "Intel"
Ax1650 Firmware
Search vendor "Intel" for product "Ax1650 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ax1650
Search vendor "Intel" for product "Ax1650"
--
Safe
Intel
Search vendor "Intel"
Ac 1550 Firmware
Search vendor "Intel" for product "Ac 1550 Firmware"
--
Affected
in Intel
Search vendor "Intel"
Ac 1550
Search vendor "Intel" for product "Ac 1550"
--
Safe
Ieee
Search vendor "Ieee"
Ieee 802.11
Search vendor "Ieee" for product "Ieee 802.11"
*-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
9.0
Search vendor "Debian" for product "Debian Linux" and version "9.0"
-
Affected
Linux
Search vendor "Linux"
Mac80211
Search vendor "Linux" for product "Mac80211"
--
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.4 < 4.4.271
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.4 < 4.4.271"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.9 < 4.9.271
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.9 < 4.9.271"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.14 < 4.14.235
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.14 < 4.14.235"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 4.19 < 4.19.193
Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19 < 4.19.193"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.4 < 5.4.124
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.4.124"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.10 < 5.10.42
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 5.10.42"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.12 < 5.12.9
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.12 < 5.12.9"
-
Affected