Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
1.8
CVSSv2

CVE-2020-24587

Published: 11/05/2021 Updated: 01/04/2023
CVSS v2 Base Score: 1.8 | Impact Score: 2.9 | Exploitability Score: 3.2
CVSS v3 Base Score: 2.6 | Impact Score: 1.4 | Exploitability Score: 1.2
VMScore: 161
Vector: AV:A/AC:H/Au:N/C:P/I:N/A:N
Subscribe to Ieee

Vulnerability Summary

A flaw was found in the Linux kernel's WiFi implementation. An attacker within the wireless range can abuse a logic flaw in the WiFi implementation by reassembling packets from multiple fragments under different keys, treating them as valid. This flaw allows an malicious user to send a fragment under an incorrect key, treating them as a valid fragment under the new key. The highest threat from this vulnerability is to confidentiality.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ieee ieee 802.11

linux mac80211 -

debian debian linux 9.0

arista c-100_firmware -

arista c-110_firmware -

arista c-120_firmware -

arista c-130_firmware -

arista c-200_firmware -

arista c-230_firmware -

arista c-235_firmware -

arista c-250_firmware -

arista c-260_firmware -

arista c-65_firmware -

arista c-75_firmware -

arista o-105_firmware -

arista o-90_firmware -

arista w-118_firmware -

arista w-68_firmware -

cisco 1100_firmware -

cisco 1100-4p_firmware -

cisco 1100-8p_firmware -

cisco 1101-4p_firmware -

cisco 1109-2p_firmware -

cisco 1109-4p_firmware -

cisco aironet_1532_firmware -

cisco aironet_1542d_firmware -

cisco aironet_1542i_firmware -

cisco aironet_1552_firmware -

cisco aironet_1552h_firmware -

cisco aironet_1572_firmware -

cisco aironet_1702_firmware -

cisco aironet_1800_firmware -

cisco aironet_1800i_firmware -

cisco aironet_1810_firmware -

cisco aironet_1810w_firmware -

cisco aironet_1815_firmware -

cisco aironet_1815i_firmware -

cisco aironet_1832_firmware -

cisco aironet_1842_firmware -

cisco aironet_1852_firmware -

cisco aironet_2702_firmware -

cisco aironet_2800_firmware -

cisco aironet_2800e_firmware -

cisco aironet_2800i_firmware -

cisco aironet_3702_firmware -

cisco aironet_3800_firmware -

cisco aironet_3800e_firmware -

cisco aironet_3800i_firmware -

cisco aironet_3800p_firmware -

cisco aironet_4800_firmware -

cisco aironet_ap803_firmware -

cisco aironet_iw3702_firmware -

cisco catalyst_9105_firmware -

cisco catalyst_9105axi_firmware -

cisco catalyst_9105axw_firmware -

cisco catalyst_9115_firmware -

cisco catalyst_9115_ap_firmware -

cisco catalyst_9115axe_firmware -

cisco catalyst_9115axi_firmware -

cisco catalyst_9117_firmware -

cisco catalyst_9117_ap_firmware -

cisco catalyst_9117axi_firmware -

cisco catalyst_9120_firmware -

cisco catalyst_9120_ap_firmware -

cisco catalyst_9120axe_firmware -

cisco catalyst_9120axi_firmware -

cisco catalyst_9120axp_firmware -

cisco catalyst_9124_firmware -

cisco catalyst_9124axd_firmware -

cisco catalyst_9124axi_firmware -

cisco catalyst_9130_firmware -

cisco catalyst_9130_ap_firmware -

cisco catalyst_9130axe_firmware -

cisco catalyst_9130axi_firmware -

cisco catalyst_iw6300_firmware -

cisco catalyst_iw6300_ac_firmware -

cisco catalyst_iw6300_dc_firmware -

cisco catalyst_iw6300_dcw_firmware -

cisco esw6300_firmware -

cisco ip_phone_6861_firmware -

cisco ip_phone_8821_firmware -

cisco ip_phone_8832_firmware -

cisco ip_phone_8861_firmware -

cisco ip_phone_8865_firmware -

cisco ir829-2lte-ea-ak9_firmware -

cisco ir829-2lte-ea-bk9_firmware -

cisco ir829-2lte-ea-ek9_firmware -

cisco ir829gw-lte-ga-ck9_firmware -

cisco ir829gw-lte-ga-ek9_firmware -

cisco ir829gw-lte-ga-sk9_firmware -

cisco ir829gw-lte-ga-zk9_firmware -

cisco ir829gw-lte-na-ak9_firmware -

cisco ir829gw-lte-vz-ak9_firmware -

cisco meraki_gr10_firmware -

cisco meraki_gr60_firmware -

cisco meraki_mr12_firmware -

cisco meraki_mr20_firmware -

cisco meraki_mr26_firmware -

cisco meraki_mr30h_firmware -

cisco meraki_mr32_firmware -

cisco meraki_mr33_firmware -

cisco meraki_mr34_firmware -

cisco meraki_mr36_firmware -

cisco meraki_mr42_firmware -

cisco meraki_mr42e_firmware -

cisco meraki_mr44_firmware -

cisco meraki_mr45_firmware -

cisco meraki_mr46_firmware -

cisco meraki_mr46e_firmware -

cisco meraki_mr52_firmware -

cisco meraki_mr53_firmware -

cisco meraki_mr53e_firmware -

cisco meraki_mr55_firmware -

cisco meraki_mr56_firmware -

cisco meraki_mr62_firmware -

cisco meraki_mr66_firmware -

cisco meraki_mr70_firmware -

cisco meraki_mr72_firmware -

cisco meraki_mr74_firmware -

cisco meraki_mr76_firmware -

cisco meraki_mr84_firmware -

cisco meraki_mr86_firmware -

cisco meraki_mx64w_firmware -

cisco meraki_mx65w_firmware -

cisco meraki_mx67cw_firmware -

cisco meraki_mx67w_firmware -

cisco meraki_mx68cw_firmware -

cisco meraki_mx68w_firmware -

cisco meraki_z3_firmware -

cisco meraki_z3c_firmware -

cisco webex_board_55_firmware -

cisco webex_board_55s_firmware -

cisco webex_board_70_firmware -

cisco webex_board_70s_firmware -

cisco webex_board_85s_firmware -

cisco webex_dx70_firmware -

cisco webex_dx80_firmware -

cisco webex_room_55_firmware -

cisco webex_room_55_dual_firmware -

cisco webex_room_70_firmware -

cisco webex_room_70_dual_firmware -

cisco webex_room_70_dual_g2_firmware -

cisco webex_room_70_single_firmware -

cisco webex_room_70_single_g2_firmware -

cisco webex_room_kit_firmware -

cisco webex_room_kit_mini_firmware -

intel ac_8260_firmware -

intel ac_8265_firmware -

intel ac_9260_firmware -

intel ac_9560_firmware -

intel killer_ac_1550_firmware -

intel killer_wi-fi_6_ax1650_firmware -

intel killer_wi-fi_6e_ax1675_firmware -

intel proset_ac_3165_firmware -

intel proset_ac_3168_firmware -

intel proset_ac_8260_firmware -

intel proset_ac_8265_firmware -

intel proset_ac_9260_firmware -

intel proset_ac_9461_firmware -

intel proset_ac_9462_firmware -

intel proset_ac_9560_firmware -

intel proset_wi-fi_6_ax200_firmware -

intel proset_wi-fi_6_ax201_firmware -

intel proset_wi-fi_6e_ax210_firmware -

intel proset_wireless_7265_\\(rev_d\\)_firmware -

intel wi-fi_6_ax200_firmware -

intel wi-fi_6_ax201_firmware -

linux linux kernel

Vendor Advisories

Red Hat: CVE-2020-24587
A flaw was found in the Linux kernel's WiFi implementation An attacker within the wireless range can abuse a logic flaw in the WiFi implementation by reassembling packets from multiple fragments under different keys, treating them as valid This flaw allows an attacker to send a fragment under an incorrect key, treating them as a valid fragment un ...
Cisco: Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021
On May 11, 2021, the research paper Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation was made public This paper discusses 12 vulnerabilities in the 80211 standard One vulnerability is in the frame aggregation functionality, two vulnerabilities are in the frame fragmentation functionality, and the other nine are impl ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-004
A flaw was found in the Linux kernels implementation of wifi fragmentation handling An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device (CVE-2020-24586) A flaw was found in the Linux kernel ...
Amazon Linux 2: ALAS2KERNEL-5.10-2022-002
A flaw was found in the Linux kernels implementation of wifi fragmentation handling An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device (CVE-2020-24586) A flaw was found in the Linux kernel ...
Arch Linux Issues:
Severity Unknown Remote Unknown Type Unknown Description AVG-1879 linux 5122arch1-1 Medium Vulnerable ...

ICS Advisories

Mitsubishi Electric GT25-WLAN
Critical Infrastructure Sectors: Critical Manufacturing
https://ics-cert.us-cert.gov/advisories/1c5953bf7b4cffc98481adf559672c1a
Critical Infrastructure Sectors: Critical Manufacturing

Mailing Lists

Full Disclosure: various 802.11 security issues - fragattacks.com
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> various 80211 security issues - fragattackscom <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Johannes Berg &l ...

References

CWE-327https://www.fragattacks.comhttps://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.mdhttp://www.openwall.com/lists/oss-security/2021/05/11/12https://lists.debian.org/debian-lts-announce/2021/06/msg00019.htmlhttps://lists.debian.org/debian-lts-announce/2021/06/msg00020.htmlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWuhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.htmlhttps://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63https://lists.debian.org/debian-lts-announce/2023/04/msg00002.htmlhttps://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2020-24587https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook