VDB
CVE-2020-26140
CVE-2020-26140
PUBLISHED
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
EPSS 0.16% · 36.2th percentile
Risk Scores
EPSS Score
0.16%
36.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:24.04:LTS | linux-nvidia-lowlatency | 0, 6.8.0-1009.9.1, 6.8.0-1011.11.1 |
| Ubuntu:Pro:16.04:LTS | linux-kvm | 4.4.0-1125.135, 0, 4.4.0-1009.14 |
| Ubuntu:Pro:20.04:LTS | linux-intel-iotg-5.15 | *, 5.15.0-1093.99~20.04.1, 5.15.0-1092.98~20.04.1 |
| Ubuntu:Pro:FIPS:20.04:LTS | linux-aws-fips | 5.4.0-1021.21+fips2, 0 |
| Ubuntu:25.10 | linux-azure-fde | 6.17.0-1004.4, 0, 6.17.0-1005.5 |
| Ubuntu:Pro:20.04:LTS | linux-nvidia-tegra-5.15 | 5.15.0-1047.47~20.04.1, 5.15.0-1046.46~20.04.1, 5.15.0-1045.45~20.04.1 |
| Ubuntu:22.04:LTS | linux-ibm | 5.15.0-1090.93, 5.15.0-1091.94, 5.15.0-1048.51 |
| Ubuntu:24.04:LTS | linux-oracle-6.17 | *, 6.17.0-1004.4~24.04.2, 0 |
| Ubuntu:24.04:LTS | linux-ibm | 6.8.0-1039.39, 6.8.0-1040.40, 6.8.0-1043.43 |
| Ubuntu:20.04:LTS | linux-riscv-5.11 | 5.11.0-1028.31~20.04.1, 5.11.0-1022.23~20.04.1, 5.11.0-1021.22~20.04.1 |
| Ubuntu:24.04:LTS | linux-oracle-6.14 | 6.14.0-1016.16~24.04.1, 6.14.0-1014.14~24.04.1, 6.14.0-1013.13~24.04.1 |
| Ubuntu:Pro:20.04:LTS | linux-oracle | 5.3.0-1008.9, 5.4.0-1007.7, 5.4.0-1008.8 |
| Ubuntu:24.04:LTS | linux-azure-nvidia-6.14 | 0, 6.14.0-1006.6, 6.14.0-1003.3 |
| Ubuntu:20.04:LTS | linux-gcp-5.13 | 5.13.0-1030.36~20.04.1, 5.13.0-1027.32~20.04.1, 5.13.0-1024.29~20.04.1 |
| Ubuntu:22.04:LTS | linux-aws-5.19 | 5.19.0-1026.27~22.04.1, *, * |
| Ubuntu:24.04:LTS | linux-raspi | 6.8.0-1035.39, 0, 6.7.0-1001.1 |
| Ubuntu:24.04:LTS | linux-gcp-6.17 | *, 0, 6.17.0-1004.4~24.04.3 |
| Ubuntu:20.04:LTS | linux-oracle-5.13 | 5.13.0-1018.22~20.04.1, 5.13.0-1016.20~20.04.1, 5.13.0-1015.19~20.04.1 |
| Ubuntu:Pro:20.04:LTS | linux-ibm | 5.4.0-1061.66, 5.4.0-1100.105, 5.4.0-1099.104 |
| Ubuntu:22.04:LTS | linux-aws-6.2 | 6.2.0-1016.16~22.04.1, 0, 6.2.0-1006.6~22.04.1 |
…and 219 more
Timeline
- CVE Published
- May 12, 2021 EPSS Score
- Jul 15, 2021 EPSS Score
- Jul 23, 2021 PoC Published
- Sep 15, 2021 EPSS Score
- Nov 15, 2021 EPSS Score
- Jan 16, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 19, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 21, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-26140 third-party-advisory
- https://papers.mathyvanhoef.com/usenix2021.pdf third-party-advisory
- https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/ third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-26140 third-party-advisory