cve-2020-24586
Vulnerability from cvelistv5
Published
2021-05-11 00:00
Modified
2024-08-04 15:19
Severity ?
Summary
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
References
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2021/05/11/12Mailing List, Third Party Advisory
cve@mitre.orghttps://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.mdThird Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2021/06/msg00019.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2021/06/msg00020.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2023/04/msg00002.html
cve@mitre.orghttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWuThird Party Advisory
cve@mitre.orghttps://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63Third Party Advisory
cve@mitre.orghttps://www.fragattacks.comExploit, Third Party Advisory
cve@mitre.orghttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/05/11/12Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.mdThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/06/msg00019.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/06/msg00020.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWuThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.fragattacks.comExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.htmlThird Party Advisory
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:19:08.804Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
          },
          {
            "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.fragattacks.com"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
          },
          {
            "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
          },
          {
            "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
          },
          {
            "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
          },
          {
            "name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-01T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html"
        },
        {
          "name": "20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu"
        },
        {
          "url": "https://www.fragattacks.com"
        },
        {
          "url": "https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md"
        },
        {
          "name": "[oss-security] 20210511 various 802.11 security issues - fragattacks.com",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/05/11/12"
        },
        {
          "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html"
        },
        {
          "name": "[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html"
        },
        {
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63"
        },
        {
          "name": "[debian-lts-announce] 20230401 [SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-24586",
    "datePublished": "2021-05-11T00:00:00",
    "dateReserved": "2020-08-21T00:00:00",
    "dateUpdated": "2024-08-04T15:19:08.804Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-24586\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-05-11T20:15:08.537\",\"lastModified\":\"2024-11-21T05:15:03.803\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.\"},{\"lang\":\"es\",\"value\":\"El est\u00e1ndar 802.11 que sustenta a Wi-Fi Protected Access (WPA, WPA2, y WPA3) y Wired Equivalent Privacy (WEP) no requiere que los fragmentos recibidos se borren de la memoria despu\u00e9s de (re)conectarse a una red.\u0026#xa0;En las circunstancias adecuadas, cuando otro dispositivo env\u00eda tramas fragmentadas cifradas mediante WEP, CCMP o GCMP, se puede abusar de esto para inyectar paquetes de red arbitrarios y/o exfiltrar datos del usuario\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":3.5,\"baseSeverity\":\"LOW\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":2.9,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":5.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ieee:ieee_802.11:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA94FAA4-9BBF-402D-8B33-20A5E8AAFC5D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linux:mac80211:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20B7EA3B-CCBA-4483-9BDD-DC8ED8689A22\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-250_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.1-31\",\"matchCriteriaId\":\"B22D5837-A2CC-41AB-8252-1724345AEDC5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE97F0AD-8658-476A-8E22-DA67A5FD9F73\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-260_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.1-31\",\"matchCriteriaId\":\"4180BE58-3CA0-4FFD-B5BE-44E36FDE5F89\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A006A8BD-D56E-40C2-ADD2-C11759153808\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.1-31\",\"matchCriteriaId\":\"59BE4F3A-477A-4DE9-B293-F2AF2CCED9A3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B18F4E-4968-493A-BC90-5D8D7F619F39\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-235_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.1-31\",\"matchCriteriaId\":\"96A0A5F0-B046-4B53-92BC-D21705B1597C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54878C0D-8842-490F-B556-76AF47A65891\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arista:c-200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.0.0-36\",\"matchCriteriaId\":\"C62FEC63-9790-44DF-8AA0-050E89E883B1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F81C550-CE6F-4E68-A088-5EC0CEF40600\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax210_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"1C073E29-FABA-4A07-A833-0E0A2CA5C9F4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F226D74C-4A48-4AC0-A565-A00D555E27D6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax201_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"3A5420D2-2979-4BA7-8BF5-2F522CCE3C74\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax201:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4649D446-130B-4B31-B9ED-BA7F9F7EEB8F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"7EC9FE51-D078-41C0-80DB-21820AD151C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9903E2E-A670-40D4-8B9F-D2C0CFDBFC9F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9560_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"D239D907-FE04-4E02-B4BF-7F0A24CCC781\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D382D4A1-C8FD-4B47-B2C4-145232EC8AC5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9462_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"EDD21C53-CCBA-43FD-9DF7-A087705EC26E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9462:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E89EB0D-233A-486A-BDAE-F5726432CD7E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9461_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"19F30CC4-1D90-4298-BE72-307F8CD9C8E4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9461:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A11E55E8-5FA9-4ED7-AB61-03F22EE1759B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_9260_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.30.0.11\",\"matchCriteriaId\":\"F8D25023-2C51-4186-BEE6-0C1096181C7C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2795E42-D044-4D48-BCB2-61CC1A3471B1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_8265_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.70.21.2\",\"matchCriteriaId\":\"1091737E-15B8-4F29-AFC7-DAB19B4736DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C08E2F3E-C4B5-4227-A88D-C50E209A12CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_8260_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.70.21.2\",\"matchCriteriaId\":\"33EF2DC9-CD1E-43C1-88AF-9E83E2E4EC81\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5A8F30C-6BB7-4CC6-ADBE-1859DAF66C58\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_3168_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"19.51.33.1\",\"matchCriteriaId\":\"9F779EAF-1408-4994-9701-CE24AC5FB8A9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_3168:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5B2BCE-2D8A-440C-B866-76E035314022\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_7265_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"19.51.33.1\",\"matchCriteriaId\":\"FE6B04BC-69A8-469C-8364-F8CA6F5B09D2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_7265:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F9F1CE7-8F14-4526-A857-7B954EC4BB6F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_3165_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"19.51.33.1\",\"matchCriteriaId\":\"42A7C347-86AF-4397-B227-C636D352CB87\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_3165:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"197A3DA1-B8EF-438F-B933-32253C43C8EE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax1675_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DAB2B67-5C39-4438-8E36-3F740A697599\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax1675:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F407ACA-0952-4717-A302-2D5CEB6DB111\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ax1650_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B39FB813-1EC0-4B5C-B8CB-F5129DBF94C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ax1650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B944F7-4A5F-41D0-A910-6F978F66CAA0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:intel:ac_1550_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A66D96C8-7C0D-4615-B825-A15DBB37B920\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:intel:ac_1550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12419474-DB56-462D-9116-3614A4BBAF20\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.4\",\"versionEndExcluding\":\"4.4.271\",\"matchCriteriaId\":\"C2C083CF-3D4D-4AF0-8461-835F6AC264CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.9\",\"versionEndExcluding\":\"4.9.271\",\"matchCriteriaId\":\"11580478-2F79-45B8-9BC0-FEF28259A4F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14\",\"versionEndExcluding\":\"4.14.235\",\"matchCriteriaId\":\"970E3D3C-8829-4599-95A7-AC63136CE48E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.19\",\"versionEndExcluding\":\"4.19.193\",\"matchCriteriaId\":\"FC7D3563-5878-403A-9BB7-6C44E6FE10A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.4\",\"versionEndExcluding\":\"5.4.124\",\"matchCriteriaId\":\"01D49B11-5E8A-427F-B9BE-8A5174DEDD65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.10\",\"versionEndExcluding\":\"5.10.42\",\"matchCriteriaId\":\"B39B1E70-2AF7-4482-9ADF-45A1C04A4BC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.12\",\"versionEndExcluding\":\"5.12.9\",\"matchCriteriaId\":\"3B1CFA77-6B5E-430C-AC49-3B3508F2D903\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/11/12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.fragattacks.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/05/11/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.fragattacks.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.