CVE-2020-24587
medium
CVSS v3
—
CVSS v2
—
VIR risk
5.5
Description
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2021-4356.html
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2020-24587
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2020-24587.html
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| arch | | fixed | 5.12.9.hardened1-1 |
| sles | | affected | |
| debian | bookworm | fixed | 20210818-1 |
| debian | forky | fixed | 20210818-1 |
| debian | sid | fixed | 20210818-1 |
| debian | trixie | fixed | 20210818-1 |
| debian | bullseye | fixed | 5.10.46-1 |