PT-2021-3317 · Unknown+10 · Ieee 802.11+10

Published

2016-03-17

·

Updated

2025-01-06

·

CVE-2020-24586

CVSS v3.1

3.5

Low

VectorAV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions IEEE 802.11 standard implementations (affected versions not specified)
Description The issue exists due to insufficient input validation in the implementation of WEP, WPA, WPA2, and WPA3 standards for IEEE 802.11 communication. This can allow a remote attacker to inject arbitrary network packets and/or compromise the integrity of protected information by using specially crafted fragmented frames encrypted with WEP, CCMP, or GCMP. The 802.11 standard does not require that received fragments be cleared from memory after reconnecting to a network, which can be abused under the right circumstances.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALSA-2021:4356
ALT-PU-2016-1262
ALT-PU-2017-1299
ALT-PU-2018-1557
ALT-PU-2019-1139
ALT-PU-2019-1363
ALT-PU-2020-1145
ALT-PU-2020-1251
ALT-PU-2020-2164
ALT-PU-2021-1447
ALT-PU-2021-1525
ALT-PU-2021-1869
ALT-PU-2021-1917
ALT-PU-2021-1920
ALT-PU-2021-1946
ALT-PU-2021-1948
ALT-PU-2021-1961
ALT-PU-2021-1990
ALT-PU-2021-2026
ALT-PU-2021-2165
ALT-PU-2021-2293
ALT-PU-2021-2305
ALT-PU-2021-2307
ALT-PU-2021-2315
ALT-PU-2021-2326
ALT-PU-2021-2330
ALT-PU-2021-2370
ALT-PU-2021-2671
ALT-PU-2021-2672
ALT-PU-2021-2677
ALT-PU-2021-2678
ALT-PU-2021-2737
ALT-PU-2021-2751
ALT-PU-2022-1240
ALT-PU-2022-2096
BDU:2021-03095
CESA-2021_4140
CESA-2021_4356
CVE-2020-24586
DLA-2689-1
DLA-2690-1
DLA-3380-1
MGASA-2021-0257
MGASA-2021-0258
OPENSUSE-SU-2021:0843-1
OPENSUSE-SU-2021:0947-1
OPENSUSE-SU-2021:1975-1
OPENSUSE-SU-2021:1977-1
OPENSUSE-SU-2021_0843-1
OPENSUSE-SU-2021_0947-1
OPENSUSE-SU-2021_1975-1
OPENSUSE-SU-2021_1977-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
RHSA-2021:4140
RHSA-2021:4356
RHSA-2021_4140
RHSA-2021_4356
SUSE-SU-2021:14764-1
SUSE-SU-2021:1887-1
SUSE-SU-2021:1888-1
SUSE-SU-2021:1889-1
SUSE-SU-2021:1890-1
SUSE-SU-2021:1891-1
SUSE-SU-2021:1899-1
SUSE-SU-2021:1912-1
SUSE-SU-2021:1913-1
SUSE-SU-2021:1975-1
SUSE-SU-2021:1977-1
SUSE-SU-2021:2208-1
SUSE-SU-2021:2406-1
SUSE-SU-2021:2421-1
SUSE-SU-2021:2451-1
SUSE-SU-2021_14764-1
SUSE-SU-2021_1887-1
SUSE-SU-2021_1888-1
SUSE-SU-2021_1889-1
SUSE-SU-2021_1890-1
SUSE-SU-2021_1891-1
SUSE-SU-2021_1912-1
SUSE-SU-2021_1913-1
SUSE-SU-2021_2208-1
USN-4997-1
USN-4997-2
USN-4999-1
USN-5000-1
USN-5000-2
USN-5001-1
USN-5018-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Check Point Gaia
Debian
Ieee 802.11
Linuxmint
Red Hat
Suse
Ubuntu