The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:A/AC:M/Au:N/C:P/I:N/A:N
Vendors Products
Arista
  • C-200
  • C-235 Firmware
  • C-260 Firmware
  • C-250 Firmware
  • C-235
  • C-200 Firmware
  • C-230 Firmware
  • C-230
  • C-250
  • C-260
Intel
  • Ac 9260 Firmware
  • Ac 9560 Firmware
  • Ac 9560
  • Ax201 Firmware
  • Ac 3165
  • Ac 3165 Firmware
  • Ac 7265
  • Ac 1550 Firmware
  • Ac 9461 Firmware
  • Ax200 Firmware
  • Ax210
  • Ac 1550
  • Ac 9461
  • Ac 9462 Firmware
  • Ax1650 Firmware
  • Ax210 Firmware
  • Ax1675 Firmware
  • Ac 7265 Firmware
  • Ax1675
  • Ax201
  • Ac 8260
  • Ac 9462
  • Ax200
  • Ac 8265 Firmware
  • Ac 8260 Firmware
  • Ac 3168 Firmware
  • Ac 9260
  • Ac 8265
  • Ac 3168
  • Ax1650
Linux
  • Mac80211
  • Linux Kernel
Ieee
  • Ieee 802.11
Debian
  • Debian Linux

Configuration 1 [-]

cpe:2.3:a:ieee:ieee_802.11:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:linux:mac80211:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:arista:c-250_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:arista:c-250:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:arista:c-260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:arista:c-260:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:arista:c-230:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:arista:c-235_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:arista:c-235:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:arista:c-200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:arista:c-200:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:intel:ax210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ax210:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:intel:ax201_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ax201:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:intel:ax200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ax200:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:intel:ac_9560_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_9560:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:intel:ac_9462_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_9462:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:intel:ac_9461_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_9461:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:intel:ac_9260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_9260:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:intel:ac_8265_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_8265:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:intel:ac_8260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_8260:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:intel:ac_3168_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_3168:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:intel:ac_7265_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_7265:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:intel:ac_3165_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_3165:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:intel:ax1675_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ax1675:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:intel:ax1650_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ax1650:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:intel:ac_1550_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:intel:ac_1550:-:*:*:*:*:*:*:*

Configuration 24 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References
Link Resource
http://www.openwall.com/lists/oss-security/2021/05/11/12 Mailing List Third Party Advisory
https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63 Third Party Advisory
https://www.fragattacks.com Exploit Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-05-11T00:00:00

Updated: 2023-04-01T00:00:00

Reserved: 2020-08-21T00:00:00

Link: CVE-2020-24586

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2021-05-11T20:15:08.537

Modified: 2023-04-01T22:15:07.357

Link: CVE-2020-24586

JSON object: View

cve-icon Redhat Information

No data.

CWE