MNBSD-2022-2: FragAttacks: 802.11 frame aggregation/fragmentation design flaws in the wireless stack

Severity: Unknown

Affected Package: kernel

Summary: FragAttacks: 802.11 frame aggregation/fragmentation design flaws in the wireless stack

Description

The 802.11 (net80211) wireless stack was affected by the "Fragment and Forge" (FragAttacks) design and implementation flaws in 802.11 frame aggregation and fragmentation handling, together with missing length validation of SSID and information elements. Under certain conditions a nearby attacker may be able to extract sensitive data or inject packets, though abuse generally requires user interaction or is only possible when using uncommon network settings.

Affected Versions

kernel

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2020-26147, CVE-2020-24588, CVE-2020-26144

Published: March 15, 2022
Last Modified: March 15, 2022