CVE-2020-24586Improper Removal of Sensitive Information Before Storage or Transfer in C-200 Firmware

CWE-212Improper Removal of Sensitive Information Before Storage or TransferCWE-345Insufficient Verification of Data AuthenticityCWE-772Missing Release of Resource after Effective LifetimeCWE-99Resource Injection17 documents9 sources
Severity
3.5LOWNVD
EPSS
1.5%
top 19.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
19
Linux KernelArista C-200 FirmwareArista C-230 Firmware+16 more
Timeline
PublishedMay 11
Latest updateMay 24

Description

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages19 packages

NVDlinux/linux_kernel4.44.4.271+6
NVDintel/ax200_firmware< 22.30.0.11
NVDintel/ax201_firmware< 22.30.0.11
NVDintel/ax210_firmware< 22.30.0.11
NVDarista/c-200_firmware< 11.0.0-36

Also affects: Debian Linux 9.0

🔴Vulnerability Details

6
GHSA
GHSA-85mg-8m94-9jrr: The 8022022-05-24
OSV
linux-oem-5.10 vulnerabilities2021-06-23
Kernel
mac80211: prevent mixed key and fragment cache attacks2021-05-11
CVEList
CVE-2020-24586: The 8022021-05-11
OSV
CVE-2020-24586: The 8022021-05-11

📋Vendor Advisories

10
Ubuntu
Linux kernel vulnerabilities2021-07-20
Ubuntu
Linux kernel (KVM) vulnerabilities2021-06-25
Ubuntu
Linux kernel (KVM) vulnerabilities2021-06-25
Ubuntu
Linux kernel vulnerabilities2021-06-23
Ubuntu
Linux kernel (OEM) vulnerabilities2021-06-23
CVE-2020-24586 — Arista C-200 Firmware vulnerability | cvebase