VDB

DEBIAN-CVE-2020-26145

DEBIAN-CVE-2020-26145 PUBLISHED CVSS 6.5 MEDIUM

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

Risk Scores

CVSS 3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products

VendorProductVersions
Debian:12linux0, 0, 0
Debian:11linux0, 0, 0
Debian:14linux0, 0, 0
Debian:13linux0, 0, 0

Timeline

  • May 11, 2021 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›