Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2021-AVI-535
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-SP4-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 | ||
| SUSE | N/A | SUSE MicroOS 5.0 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 11-EXTRA | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP5 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE MicroOS 5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 11-EXTRA",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2021-34693",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34693"
},
{
"name": "CVE-2021-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29154"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2021-0605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0605"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2021-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23133"
},
{
"name": "CVE-2019-25045",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25045"
},
{
"name": "CVE-2020-24586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24586"
},
{
"name": "CVE-2021-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0129"
},
{
"name": "CVE-2020-36386",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36386"
},
{
"name": "CVE-2021-0512",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0512"
},
{
"name": "CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"name": "CVE-2021-33624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33624"
},
{
"name": "CVE-2021-32399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32399"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-535",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212324-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212324-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212349-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212349-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212361-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212361-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212344-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212344-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212367-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212367-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212352-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212352-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212372-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212372-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212325-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212325-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212366-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212366-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212368-1 du 15 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212368-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212332-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212332-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212303-1 du 13 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212303-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-202114764-1 du 13 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-202114764-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20212321-1 du 14 juillet 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212321-1/"
}
]
}
CVE-2019-25045 (GCVE-0-2019-25045)
Vulnerability from cvelistv5 – Published: 2021-06-07 19:19 – Updated: 2024-08-05 03:00
VLAI
EPSS
Summary
An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://cdn.kernel.org/pub/linux/kernel/v5.x/Chan… | x_refsource_MISC |
| https://syzkaller.appspot.com/bug?id=f99edaeec58a… | x_refsource_MISC |
| https://sites.google.com/view/syzscope/warning-in… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2021072… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:00:19.027Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://syzkaller.appspot.com/bug?id=f99edaeec58ad40380ed5813d89e205861be2896"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sites.google.com/view/syzscope/warning-in-xfrm_state_fini-2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dbb2483b2a46fbaf833cfb5deb5ed9cace9c7399"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210720-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-20T10:06:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://syzkaller.appspot.com/bug?id=f99edaeec58ad40380ed5813d89e205861be2896"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sites.google.com/view/syzscope/warning-in-xfrm_state_fini-2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dbb2483b2a46fbaf833cfb5deb5ed9cace9c7399"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210720-0003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-25045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19"
},
{
"name": "https://syzkaller.appspot.com/bug?id=f99edaeec58ad40380ed5813d89e205861be2896",
"refsource": "MISC",
"url": "https://syzkaller.appspot.com/bug?id=f99edaeec58ad40380ed5813d89e205861be2896"
},
{
"name": "https://sites.google.com/view/syzscope/warning-in-xfrm_state_fini-2",
"refsource": "MISC",
"url": "https://sites.google.com/view/syzscope/warning-in-xfrm_state_fini-2"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dbb2483b2a46fbaf833cfb5deb5ed9cace9c7399",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dbb2483b2a46fbaf833cfb5deb5ed9cace9c7399"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210720-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210720-0003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-25045",
"datePublished": "2021-06-07T19:19:06.000Z",
"dateReserved": "2021-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:00:19.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24586 (GCVE-0-2020-24586)
Vulnerability from cvelistv5 – Published: 2021-05-11 00:00 – Updated: 2024-08-04 15:19
VLAI
EPSS
Summary
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://www.intel.com/content/www/us/en/security-… | |
| https://tools.cisco.com/security/center/content/C… | vendor-advisory |
| https://www.fragattacks.com | |
| https://github.com/vanhoefm/fragattacks/blob/mast… | |
| http://www.openwall.com/lists/oss-security/2021/0… | mailing-list |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-list |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-list |
| https://www.arista.com/en/support/advisories-noti… | |
| https://lists.debian.org/debian-lts-announce/2023… | mailing-list |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:19:08.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-01T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"url": "https://www.fragattacks.com"
},
{
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24586",
"datePublished": "2021-05-11T00:00:00.000Z",
"dateReserved": "2020-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:19:08.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24587 (GCVE-0-2020-24587)
Vulnerability from cvelistv5 – Published: 2021-05-11 00:00 – Updated: 2024-08-04 15:19
VLAI
EPSS
Summary
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://www.intel.com/content/www/us/en/security-… | |
| https://tools.cisco.com/security/center/content/C… | vendor-advisory |
| https://www.fragattacks.com | |
| https://github.com/vanhoefm/fragattacks/blob/mast… | |
| http://www.openwall.com/lists/oss-security/2021/0… | mailing-list |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-list |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-list |
| https://www.arista.com/en/support/advisories-noti… | |
| https://lists.debian.org/debian-lts-announce/2023… | mailing-list |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:19:08.605Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-01T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"url": "https://www.fragattacks.com"
},
{
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24587",
"datePublished": "2021-05-11T00:00:00.000Z",
"dateReserved": "2020-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:19:08.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-24588 (GCVE-0-2020-24588)
Vulnerability from cvelistv5 – Published: 2021-05-11 00:00 – Updated: 2026-04-14 08:48
VLAI
EPSS
Summary
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://www.intel.com/content/www/us/en/security-… | |
| https://tools.cisco.com/security/center/content/C… | vendor-advisory |
| https://www.fragattacks.com | |
| https://github.com/vanhoefm/fragattacks/blob/mast… | |
| http://www.openwall.com/lists/oss-security/2021/0… | mailing-list |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-list |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-list |
| https://cert-portal.siemens.com/productcert/pdf/s… | |
| https://www.arista.com/en/support/advisories-noti… | |
| https://lists.debian.org/debian-lts-announce/2023… | mailing-list |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:19:08.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SCALANCE W1748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1750D (JP)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.7.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1750D (ROW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.7.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1750D (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.7.1.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1788-2 EEC M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1788-2IA M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T08:48:59.636Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-913875.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-01T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
},
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"url": "https://www.fragattacks.com"
},
{
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
},
{
"name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24588",
"datePublished": "2021-05-11T00:00:00.000Z",
"dateReserved": "2020-08-21T00:00:00.000Z",
"dateUpdated": "2026-04-14T08:48:59.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-26139 (GCVE-0-2020-26139)
Vulnerability from cvelistv5 – Published: 2021-05-11 19:37 – Updated: 2026-04-14 08:49
VLAI
EPSS
Summary
An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| https://www.fragattacks.com | x_refsource_MISC |
| https://github.com/vanhoefm/fragattacks/blob/mast… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2021/0… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.arista.com/en/support/advisories-noti… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:49:07.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SCALANCE W1748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1788-2 EEC M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W1788-2IA M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W721-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W722-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W734-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W738-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W748-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W761-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W774-1 RJ45 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W778-1 M12 EEC (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2 SFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W786-2IA RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-1 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 M12 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE W788-2 RJ45",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.6.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V1.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T08:49:01.511Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-913875.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019200.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-28T14:09:21.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.fragattacks.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
},
{
"name": "https://www.fragattacks.com",
"refsource": "MISC",
"url": "https://www.fragattacks.com"
},
{
"name": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
},
{
"name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26139",
"datePublished": "2021-05-11T19:37:55.000Z",
"dateReserved": "2020-09-29T00:00:00.000Z",
"dateUpdated": "2026-04-14T08:49:01.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-26558 (GCVE-0-2020-26558)
Vulnerability from cvelistv5 – Published: 2021-05-24 17:22 – Updated: 2025-11-04 19:12
VLAI
EPSS
Summary
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://www.bluetooth.com/learn-about-bluetooth/k… | x_refsource_MISC |
| https://kb.cert.org/vuls/id/799380 | x_refsource_MISC |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://www.intel.com/content/www/us/en/security-… | x_refsource_CONFIRM |
| https://www.intel.com/content/www/us/en/security-… | x_refsource_CONFIRM |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://www.debian.org/security/2021/dsa-4951 | vendor-advisoryx_refsource_DEBIAN |
| https://security.gentoo.org/glsa/202209-16 | vendor-advisoryx_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:12:18.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.cert.org/vuls/id/799380"
},
{
"name": "FEDORA-2021-a35b44fd9f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html"
},
{
"name": "DSA-4951",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4951"
},
{
"name": "GLSA-202209-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202209-16"
},
{
"url": "https://www.kb.cert.org/vuls/id/799380"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-29T16:07:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.cert.org/vuls/id/799380"
},
{
"name": "FEDORA-2021-a35b44fd9f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html"
},
{
"name": "DSA-4951",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4951"
},
{
"name": "GLSA-202209-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202209-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-26558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/",
"refsource": "MISC",
"url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/"
},
{
"name": "https://kb.cert.org/vuls/id/799380",
"refsource": "MISC",
"url": "https://kb.cert.org/vuls/id/799380"
},
{
"name": "FEDORA-2021-a35b44fd9f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html"
},
{
"name": "DSA-4951",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4951"
},
{
"name": "GLSA-202209-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202209-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-26558",
"datePublished": "2021-05-24T17:22:16.000Z",
"dateReserved": "2020-10-04T00:00:00.000Z",
"dateUpdated": "2025-11-04T19:12:18.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36385 (GCVE-0-2020-36385)
Vulnerability from cvelistv5 – Published: 2021-06-07 00:00 – Updated: 2024-08-04 17:23
VLAI
EPSS
Summary
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://syzkaller.appspot.com/bug?id=457491c4672d… | |
| https://sites.google.com/view/syzscope/kasan-use-… | |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | |
| https://cdn.kernel.org/pub/linux/kernel/v5.x/Chan… | |
| https://security.netapp.com/advisory/ntap-2021072… | |
| https://www.starwindsoftware.com/security/sw-2022… |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:23:10.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://syzkaller.appspot.com/bug?id=457491c4672d7b52c1007db213d93e47c711fae6"
},
{
"tags": [
"x_transferred"
],
"url": "https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-ucma_close-2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f5449e74802c1112dea984aec8af7a33c4516af1"
},
{
"tags": [
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210720-0004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.starwindsoftware.com/security/sw-20220802-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://syzkaller.appspot.com/bug?id=457491c4672d7b52c1007db213d93e47c711fae6"
},
{
"url": "https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-ucma_close-2"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f5449e74802c1112dea984aec8af7a33c4516af1"
},
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210720-0004/"
},
{
"url": "https://www.starwindsoftware.com/security/sw-20220802-0002/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-36385",
"datePublished": "2021-06-07T00:00:00.000Z",
"dateReserved": "2021-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:23:10.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36386 (GCVE-0-2020-36386)
Vulnerability from cvelistv5 – Published: 2021-06-07 19:20 – Updated: 2024-08-04 17:23
VLAI
EPSS
Summary
An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://cdn.kernel.org/pub/linux/kernel/v5.x/Chan… | x_refsource_MISC |
| https://syzkaller.appspot.com/text?tag=ReproC&x=1… | x_refsource_MISC |
| https://sites.google.com/view/syzscope/kasan-slab… | x_refsource_MISC |
| https://git.kernel.org/pub/scm/linux/kernel/git/t… | x_refsource_MISC |
| https://syzkaller.appspot.com/bug?id=4bf11aa05c4c… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:23:10.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://syzkaller.appspot.com/text?tag=ReproC\u0026x=15ca2f46900000"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sites.google.com/view/syzscope/kasan-slab-out-of-bounds-read-in-hci_extended_inquiry_result_evt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51c19bf3d5cfaa66571e4b88ba2a6f6295311101"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://syzkaller.appspot.com/bug?id=4bf11aa05c4ca51ce0df86e500fce486552dc8d2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-07T19:20:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://syzkaller.appspot.com/text?tag=ReproC\u0026x=15ca2f46900000"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sites.google.com/view/syzscope/kasan-slab-out-of-bounds-read-in-hci_extended_inquiry_result_evt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51c19bf3d5cfaa66571e4b88ba2a6f6295311101"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://syzkaller.appspot.com/bug?id=4bf11aa05c4ca51ce0df86e500fce486552dc8d2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-36386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.1",
"refsource": "MISC",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8.1"
},
{
"name": "https://syzkaller.appspot.com/text?tag=ReproC\u0026x=15ca2f46900000",
"refsource": "MISC",
"url": "https://syzkaller.appspot.com/text?tag=ReproC\u0026x=15ca2f46900000"
},
{
"name": "https://sites.google.com/view/syzscope/kasan-slab-out-of-bounds-read-in-hci_extended_inquiry_result_evt",
"refsource": "MISC",
"url": "https://sites.google.com/view/syzscope/kasan-slab-out-of-bounds-read-in-hci_extended_inquiry_result_evt"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51c19bf3d5cfaa66571e4b88ba2a6f6295311101",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51c19bf3d5cfaa66571e4b88ba2a6f6295311101"
},
{
"name": "https://syzkaller.appspot.com/bug?id=4bf11aa05c4ca51ce0df86e500fce486552dc8d2",
"refsource": "MISC",
"url": "https://syzkaller.appspot.com/bug?id=4bf11aa05c4ca51ce0df86e500fce486552dc8d2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-36386",
"datePublished": "2021-06-07T19:20:02.000Z",
"dateReserved": "2021-06-07T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:23:10.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0129 (GCVE-0-2021-0129)
Vulnerability from cvelistv5 – Published: 2021-06-09 19:50 – Updated: 2024-08-03 15:32
VLAI
EPSS
Summary
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
Severity
No CVSS data available.
CWE
- information disclosure
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://www.intel.com/content/www/us/en/security-… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
| https://security.netapp.com/advisory/ntap-2021071… | x_refsource_CONFIRM |
| https://www.debian.org/security/2021/dsa-4951 | vendor-advisoryx_refsource_DEBIAN |
| https://security.gentoo.org/glsa/202209-16 | vendor-advisoryx_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:32:09.439Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210716-0002/"
},
{
"name": "DSA-4951",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4951"
},
{
"name": "GLSA-202209-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202209-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BlueZ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-29T16:07:23.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210716-0002/"
},
{
"name": "DSA-4951",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4951"
},
{
"name": "GLSA-202209-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202209-16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2021-0129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BlueZ",
"version": {
"version_data": [
{
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
},
{
"name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
},
{
"name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210716-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210716-0002/"
},
{
"name": "DSA-4951",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4951"
},
{
"name": "GLSA-202209-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202209-16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2021-0129",
"datePublished": "2021-06-09T19:50:59.000Z",
"dateReserved": "2020-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-03T15:32:09.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-0512 (GCVE-0-2021-0512)
Vulnerability from cvelistv5 – Published: 2021-06-21 16:01 – Updated: 2024-08-03 15:40
VLAI
EPSS
Summary
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
Severity
No CVSS data available.
CWE
- Elevation of privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2021-06-01 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:40:01.188Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2021-06-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-21T16:01:27.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://source.android.com/security/bulletin/2021-06-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2021-0512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2021-06-01",
"refsource": "MISC",
"url": "https://source.android.com/security/bulletin/2021-06-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2021-0512",
"datePublished": "2021-06-21T16:01:27.000Z",
"dateReserved": "2020-11-06T00:00:00.000Z",
"dateUpdated": "2024-08-03T15:40:01.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…