VDB
CVE-2020-26142
CVE-2020-26142
PUBLISHED
An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
EPSS 1.53% · 81.7th percentile
Risk Scores
EPSS Score
1.53%
81.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:25.10 | linux-riscv | 0, 6.17.0-4.4.1, 6.17.0-5.5.1 |
| Ubuntu:Pro:18.04:LTS | linux-ibm-5.4 | 5.4.0-1096.101~18.04.1, 5.4.0-1095.100~18.04.1, * |
| Ubuntu:18.04:LTS | linux-oracle-5.0 | 5.0.0-1011.16, 5.0.0-1014.19, * |
| Ubuntu:20.04:LTS | linux-riscv | 5.4.0-36.41, 5.4.0-34.38, 5.4.0-26.30 |
| Ubuntu:Pro:FIPS-updates:22.04:LTS | linux-fips | 5.15.0-157.167+fips1, 5.15.0-156.166+fips1, 5.15.0-153.163+fips1 |
| Ubuntu:Pro:18.04:LTS | linux | 4.15.0-70.79, 4.15.0-106.107, 4.15.0-156.163 |
| Ubuntu:Pro:20.04:LTS | linux-oracle-5.15 | 5.15.0-1016.20~20.04.1, 5.15.0-1013.17~20.04.1, 5.15.0-1007.9~20.04.1 |
| Ubuntu:Pro:FIPS-updates:20.04:LTS | linux-fips | 5.4.0-1072.81, 5.4.0-1069.78, 5.4.0-1068.77 |
| Ubuntu:Pro:18.04:LTS | linux-gcp-4.15 | 4.15.0-1080.90, 4.15.0-1078.88, 4.15.0-1077.87 |
| Ubuntu:24.04:LTS | linux-ibm | 6.8.0-1024.24, 0, 6.5.0-1009.9 |
| Ubuntu:Pro:FIPS:20.04:LTS | linux-aws-fips | 0, 5.4.0-1021.21+fips2 |
| Ubuntu:20.04:LTS | linux-gkeop-5.15 | 5.15.0-1037.43~20.04.1, 5.15.0-1049.56~20.04.1, 5.15.0-1048.55~20.04.1 |
| Ubuntu:22.04:LTS | linux-gcp-6.5 | *, *, 6.5.0-1025.27~22.04.1 |
| Ubuntu:22.04:LTS | linux-ibm | 5.15.0-1085.88, 5.15.0-1010.12, 5.15.0-1012.14 |
| Ubuntu:Pro:FIPS-preview:22.04:LTS | linux-azure-fips | 0, 5.15.0-1053.61+fips1 |
| Ubuntu:22.04:LTS | linux-nvidia-tegra-igx | 5.15.0-1029.29, 5.15.0-1030.30, 5.15.0-1032.32 |
| Ubuntu:Pro:20.04:LTS | linux-iot | 5.4.0-1013.15, 5.4.0-1012.14, 5.4.0-1045.46 |
| Ubuntu:22.04:LTS | linux-kvm | 5.15.0-1083.88, 5.15.0-1010.11, 5.15.0-1086.91 |
| Ubuntu:Pro:18.04:LTS | linux-oracle | 4.15.0-1113.124, 4.15.0-1091.100, 4.15.0-1090.99 |
| Ubuntu:22.04:LTS | linux-aws-6.8 | 6.8.0-1031.33~22.04.1, 6.8.0-1029.31~22.04.1, 6.8.0-1028.30~22.04.1 |
…and 219 more
Exploit Intelligence
Timeline
- CVE Published
- May 12, 2021 EPSS Score
- Jun 13, 2021 EPSS Score
- Jul 23, 2021 PoC Published
- Sep 15, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 16, 2022 EPSS Score
- Mar 19, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 21, 2022 EPSS Score
- Jan 23, 2023 EPSS Score
- Mar 25, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-26142 third-party-advisory
- https://papers.mathyvanhoef.com/usenix2021.pdf third-party-advisory
- https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/ third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-26142 third-party-advisory