VDB
CVE-2020-26143
CVE-2020-26143
PUBLISHED
An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
EPSS 0.40% · 61.1th percentile
Risk Scores
EPSS Score
0.40%
61.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:22.04:LTS | linux-xilinx-zynqmp | 5.15.0-1030.34, 5.15.0-1025.29, 5.15.0-1023.27 |
| Ubuntu:20.04:LTS | linux-oracle-5.8 | *, *, 5.8.0-1037.38~20.04.1 |
| Ubuntu:24.04:LTS | linux-riscv | 6.8.0-41.41.1, 6.8.0-39.39.1, 6.8.0-38.38.1 |
| Ubuntu:22.04:LTS | linux-nvidia-tegra-igx | 5.15.0-1009.9, 5.15.0-1042.42, 5.15.0-1028.28 |
| Ubuntu:22.04:LTS | linux-intel-iotg | 5.15.0-1039.45, 5.15.0-1027.32, 5.15.0-1073.79 |
| Ubuntu:22.04:LTS | linux-lowlatency-hwe-6.2 | *, 6.2.0-1011.11~22.04.1, 6.2.0-1012.12~22.04.1 |
| Ubuntu:20.04:LTS | linux-raspi2 | 5.3.0-1014.16, 0, 5.3.0-1015.17 |
| Ubuntu:Pro:16.04:LTS | linux-aws | 4.4.0-1119.133, 4.4.0-1117.131, 4.4.0-1114.127 |
| Ubuntu:Pro:FIPS:20.04:LTS | linux-fips | 5.4.0-1007.8, 0 |
| Ubuntu:18.04:LTS | linux-aws-5.3 | 0, 5.3.0-1032.34~18.04.2, 5.3.0-1030.32~18.04.1 |
| Ubuntu:22.04:LTS | linux-lowlatency-hwe-5.19 | 0, *, 5.19.0-1030.30 |
| Ubuntu:24.04:LTS | linux-azure-6.11 | 6.11.0-1015.15~24.04.1, *, 0 |
| Ubuntu:22.04:LTS | linux | 5.15.0-89.99, 5.15.0-17.17, 5.15.0-18.18 |
| Ubuntu:22.04:LTS | linux-starfive-6.5 | 0, 6.5.0-1007.8~22.04.1, 6.5.0-1010.11~22.04.1 |
| Ubuntu:20.04:LTS | linux-azure-fde | *, *, * |
| Ubuntu:Pro:14.04:LTS | linux-lts-xenial | 0, 4.4.0-13.29~14.04.1, 4.4.0-15.31~14.04.1 |
| Ubuntu:24.04:LTS | linux-nvidia | 6.8.0-1041.44, 6.8.0-1015.16, 6.8.0-1014.15 |
| Ubuntu:22.04:LTS | linux-azure-fde | 5.15.0-1068.77.1, 5.15.0-1067.76.1, 5.15.0-1065.74.1 |
| Ubuntu:Pro:FIPS-updates:22.04:LTS | linux-azure-fips | *, 5.15.0-1091.100+fips1, 5.15.0-1094.103+fips1 |
| Ubuntu:22.04:LTS | linux-realtime | 5.15.0-1032.35, 0 |
…and 219 more
Exploit Intelligence
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- Trinadh465/linux-4.1.15_CVE-2017-1000371 (github-poc)
- CVE-2017-1000367 (github-poc)
- CVE-2017-1000367 (github-poc)
…and 34 more exploits
Timeline
- CVE Published
- May 12, 2021 EPSS Score
- Jul 23, 2021 PoC Published
- Sep 15, 2021 EPSS Score
- Nov 15, 2021 EPSS Score
- Jan 16, 2022 EPSS Score
- Mar 19, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 21, 2022 EPSS Score
- Nov 22, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 25, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-26143 third-party-advisory
- https://papers.mathyvanhoef.com/usenix2021.pdf third-party-advisory
- https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/ third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-26143 third-party-advisory