PT-2021-3058 · NetBSD+8
Mathy Vanhoef · Published 2021-05-11 · Updated 2022-09-30
CVE-2020-26139
CVSS v3.1: 5.3 (Medium)
Vector: AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
NetBSD version 7.1
Description
An issue was discovered in the kernel where an Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in protected Wi-Fi networks to launch denial-of-service attacks against connected clients, and it makes it easier to exploit other vulnerabilities in connected clients. The vulnerability lies in the implementation of the Extensible Authentication Protocol over LAN (EAPOL) and stems from deficiencies in the authentication procedure, which could allow a remote attacker to cause a denial of service.
Recommendations
For NetBSD version 7.1, consider disabling the EAPOL frame forwarding feature until a patch is available to prevent potential denial-of-service attacks. Restrict access to the network to minimize the risk of exploitation. Avoid using the affected kernel in protected Wi-Fi networks until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Improper Authentication
Affected Products
AlmaLinux
Astra Linux
CentOS
Check Point Gaia
Linux Mint
NetBSD
Red Hat
SUSE
Ubuntu