Wind River Support Network

HomeDefectsLIN1021-411
Fixed

LIN1021-411 : Security Advisory - linux - CVE-2020-26145

Created: May 27, 2021    Updated: Jul 12, 2021
Resolved Date: Jul 12, 2021
Found In Version: 10.21.20.1
Fix Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=65c415a144ad8132b6a6d97d4a1919ffc728e2d1


CREATE(Triage):(User=admin) [CVE-2020-26145|https://nvd.nist.gov/vuln/detail/CVE-2020-26145]

CVEs


Live chat
Online