VDB

CVE-2020-26146

CVE-2020-26146 PUBLISHED

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

EPSS 0.36% · 58.4th percentile

Risk Scores

EPSS Score
0.36%
58.4th percentile

Affected Products

VendorProductVersions
Ubuntu:20.04:LTSlinux-hwe-5.11*, 5.11.0-40.44~20.04.2, 5.11.0-41.45~20.04.1
Ubuntu:20.04:LTSlinux-oracle-5.8*, 5.8.0-1037.38~20.04.1, 5.8.0-1034.35~20.04.2
Ubuntu:24.04:LTSlinux-gkeop6.8.0-1009.11, 6.8.0-1008.10, 6.8.0-1006.8
Ubuntu:22.04:LTSlinux-gcp-6.5*, 0, 6.5.0-1010.10~22.04.3
Ubuntu:Pro:FIPS:18.04:LTSlinux-gcp-fips4.15.0-1001.1, 0
Ubuntu:22.04:LTSlinux-lowlatency-hwe-6.56.5.0-14.14.1~22.04.1, 6.5.0-17.17.1.1.1~22.04.1, 6.5.0-26.26.1~22.04.1
Ubuntu:Pro:18.04:LTSlinux4.15.0-243.255, 4.15.0-45.48, 4.15.0-44.47
Ubuntu:20.04:LTSlinux-oem-5.65.6.0-1054.58, 0, 5.6.0-1008.8
Ubuntu:Pro:FIPS-updates:18.04:LTSlinux-gcp-fips4.15.0-2040.45, 4.15.0-2037.41, 4.15.0-2030.33
Ubuntu:Pro:FIPS-updates:22.04:LTSlinux-fips5.15.0-141.151+fips1, 0, 5.15.0-73.80+fips1
Ubuntu:20.04:LTSlinux-gkeop-5.155.15.0-1018.23~20.04.1, 5.15.0-1015.19~20.04.1, 5.15.0-1013.17~20.04.1
Ubuntu:22.04:LTSlinux-nvidia-6.56.5.0-1023.24, 6.5.0-1022.23, 6.5.0-1021.22
Ubuntu:Pro:FIPS-updates:22.04:LTSlinux-aws-fips5.15.0-1061.67+fips1, 5.15.0-1060.66+fips1, 5.15.0-1081.88+fips1
Ubuntu:Pro:20.04:LTSlinux-hwe-5.155.15.0-41.44~20.04.1, 5.15.0-164.174~20.04.1, 5.15.0-170.180~20.04.3
Ubuntu:24.04:LTSlinux-aws6.8.0-1043.45, 0, 6.6.0-1001.1
Ubuntu:20.04:LTSlinux-riscv-5.85.8.0-25.27~20.04.1, 5.8.0-26.28~20.04.1, *
Ubuntu:20.04:LTSlinux-azure-5.85.8.0-1042.45~20.04.1, 5.8.0-1043.46~20.04.1, *
Ubuntu:Pro:FIPS-updates:20.04:LTSlinux-aws-fips*, *, *
Ubuntu:Pro:18.04:LTSlinux-hwe-5.45.4.0-172.190~18.04.1, 5.4.0-64.72~18.04.1, 5.4.0-62.70~18.04.1
Ubuntu:18.04:LTSlinux-gcp-5.3*, *, 5.3.0-1032.34~18.04.1

…and 219 more

Timeline

  • CVE Published
  • May 12, 2021 EPSS Score
  • Jul 23, 2021 PoC Published
  • Sep 15, 2021 EPSS Score
  • Nov 15, 2021 EPSS Score
  • Jan 16, 2022 EPSS Score
  • Mar 19, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 21, 2022 EPSS Score
  • Nov 22, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 25, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›