CVE-2020-26139
Public on 2021-05-11
Modified on 2022-01-10
Description
Frames used for authentication and key management between the AP and connected clients. Some clients may take these redirected frames masquerading as control mechanisms from the AP.
Severity
Medium
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 2 - Kernel-5.10 Extra | kernel | 2022-01-20 | ALAS2KERNEL-5.10-2022-002 | Fixed |
| Amazon Linux 2 - Kernel-5.4 Extra | kernel | 2022-01-12 | ALAS2KERNEL-5.4-2022-004 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 3.5 | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
| NVD | CVSSv2 | 2.9 | AV:A/AC:M/Au:N/C:N/I:N/A:P |
| NVD | CVSSv3 | 5.3 | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |