ID

VAR-202105-1431


CVE

CVE-2020-24588


TITLE

IEEE 802.11  Vulnerabilities related to lack of certification for critical functions in standards

Trust: 0.8

sources: JVNDB: JVNDB-2021-006877

DESCRIPTION

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. IEEE 802.11 The standard has vulnerabilities related to lack of certification for critical functions.Information may be tampered with. A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device. (CVE-2020-24586) A flaw was found in the Linux kernel's WiFi implementation. An attacker within the wireless range can abuse a logic flaw in the WiFi implementation by reassembling packets from multiple fragments under different keys, treating them as valid. This flaw allows an malicious user to send a fragment under an incorrect key, treating them as a valid fragment under the new key. The highest threat from this vulnerability is to confidentiality. (CVE-2020-24587) A flaw was found in the Linux kernels wifi implementation. An attacker within wireless broadcast range can inject custom data into the wireless communication circumventing checks on the data. This can cause the frame to pass checks and be considered a valid frame of a different type. (CVE-2020-24588) Frames used for authentication and key management between the AP and connected clients. Some clients may take these redirected frames masquerading as control mechanisms from the AP. (CVE-2020-26139) A vulnerability was found in Linux kernel's WiFi implementation. An attacker within wireless range can inject a control packet fragment where the kernel does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. (CVE-2020-26141) A flaw was found in ath10k_htt_rx_proc_rx_frag_ind_hl in drivers/net/wireless/ath/ath10k/htt_rx.c in the Linux kernel WiFi implementations, where it accepts a second (or subsequent) broadcast fragments even when sent in plaintext and then process them as full unfragmented frames. The highest threat from this vulnerability is to integrity. (CVE-2020-26145) A flaw was found in ieee80211_rx_h_defragment in net/mac80211/rx.c in the Linux Kernel's WiFi implementation. This vulnerability can be abused to inject packets or exfiltrate selected fragments when another device sends fragmented frames, and the WEP, CCMP, or GCMP data-confidentiality protocol is used. The highest threat from this vulnerability is to integrity. (CVE-2020-26147) A flaw was found in the Linux kernel in certs/blacklist.c, When signature entries for EFI_CERT_X509_GUID are contained in the Secure Boot Forbidden Signature Database, the entries are skipped. This can cause a security threat and breach system integrity, confidentiality and even lead to a denial of service problem. (CVE-2020-26541) A vulnerability was found in the bluez, where Passkey Entry protocol used in Secure Simple Pairing (SSP), Secure Connections (SC) and LE Secure Connections (LESC) of the Bluetooth Core Specification is vulnerable to an impersonation attack where an active attacker can impersonate the initiating device without any previous knowledge. (CVE-2020-26558) A flaw was found in the Linux kernel. Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. The highest threat from this vulnerability is to data confidentiality and integrity. (CVE-2021-0129) A flaw was found in the Linux kernel's KVM implementation, where improper handing of the VM_IO|VM_PFNMAP VMAs in KVM bypasses RO checks and leads to pages being freed while still accessible by the VMM and guest. This flaw allows users who can start and control a VM to read/write random pages of memory, resulting in local privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, and system availability. (CVE-2021-22543) A flaw was found in the Linux kernel's handling of the removal of Bluetooth HCI controllers. This flaw allows an attacker with a local account to exploit a race condition, leading to corrupted memory and possible privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-32399) A use-after-free flaw was found in hci_send_acl in the bluetooth host controller interface (HCI) in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hci_disconn_loglink_complete_evt, yet still used in other places. The highest threat from this vulnerability is to data integrity, confidentiality and system availability. (CVE-2021-33034) The canbus filesystem in the Linux kernel contains an information leak of kernel memory to devices on the CAN bus network link layer. An attacker with the ability to dump messages on the CAN bus is able to learn of uninitialized stack values by dumbing messages on the can bus. (CVE-2021-34693) An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel. A bounds check failure allows a local malicious user to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. (CVE-2021-3506) A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. (CVE-2021-3564) A flaw use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-3573) A flaw was found in the Linux kernels NFC implementation, A NULL pointer dereference and BUG leading to a denial of service can be triggered by a local unprivileged user causing a kernel panic. (CVE-2021-38208). ========================================================================== Ubuntu Security Notice USN-4997-2 June 25, 2021 linux-kvm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.04 Summary: Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux KVM kernel for Ubuntu 21.04. Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133) Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. (CVE-2021-23134) Manfred Paul discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel contained an out-of-bounds vulnerability. A local attacker could use this issue to execute arbitrary code. (CVE-2021-31440) Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). An attacker could use this issue to possibly execute arbitrary code. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-3506) Mathias Krause discovered that a null pointer dereference existed in the Nitro Enclaves kernel driver of the Linux kernel. (CVE-2021-3543) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: linux-image-5.11.0-1009-kvm 5.11.0-1009.9 linux-image-kvm 5.11.0.1009.9 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-4997-2 https://ubuntu.com/security/notices/USN-4997-1 CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26141, CVE-2020-26145, CVE-2020-26147, CVE-2021-23133, CVE-2021-23134, CVE-2021-31440, CVE-2021-31829, CVE-2021-32399, CVE-2021-33034, CVE-2021-33200, CVE-2021-3506, CVE-2021-3543, CVE-2021-3609 Package Information: https://launchpad.net/ubuntu/+source/linux-kvm/5.11.0-1009.9 . 8) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: out-of-bounds reads in pinctrl subsystem. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: RHSA-2021:4356-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4356 Issue date: 2021-11-09 CVE Names: CVE-2020-0427 CVE-2020-24502 CVE-2020-24503 CVE-2020-24504 CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26140 CVE-2020-26141 CVE-2020-26143 CVE-2020-26144 CVE-2020-26145 CVE-2020-26146 CVE-2020-26147 CVE-2020-27777 CVE-2020-29368 CVE-2020-29660 CVE-2020-36158 CVE-2020-36386 CVE-2021-0129 CVE-2021-3348 CVE-2021-3489 CVE-2021-3564 CVE-2021-3573 CVE-2021-3600 CVE-2021-3635 CVE-2021-3659 CVE-2021-3679 CVE-2021-3732 CVE-2021-20194 CVE-2021-20239 CVE-2021-23133 CVE-2021-28950 CVE-2021-28971 CVE-2021-29155 CVE-2021-29646 CVE-2021-29650 CVE-2021-31440 CVE-2021-31829 CVE-2021-31916 CVE-2021-33200 ==================================================================== 1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, x86_64 3. Security Fix(es): * kernel: out-of-bounds reads in pinctrl subsystem (CVE-2020-0427) * kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24502) * kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24503) * kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24504) * kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586) * kernel: Reassembling fragments encrypted under different keys (CVE-2020-24587) * kernel: wifi frame payload being parsed incorrectly as an L2 frame (CVE-2020-24588) * kernel: Forwarding EAPOL from unauthenticated wifi client (CVE-2020-26139) * kernel: accepting plaintext data frames in protected networks (CVE-2020-26140) * kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141) * kernel: accepting fragmented plaintext frames in protected networks (CVE-2020-26143) * kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header (CVE-2020-26144) * kernel: accepting plaintext broadcast fragments as full frames (CVE-2020-26145) * kernel: powerpc: RTAS calls can be used to compromise kernel integrity (CVE-2020-27777) * kernel: locking inconsistency in tty_io.c and tty_jobctrl.c can lead to a read-after-free (CVE-2020-29660) * kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function via a long SSID value (CVE-2020-36158) * kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() (CVE-2020-36386) * kernel: Improper access control in BlueZ may allow information disclosure vulnerability. (CVE-2021-0129) * kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c (CVE-2021-3348) * kernel: Linux kernel eBPF RINGBUF map oversized allocation (CVE-2021-3489) * kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564) * kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573) * kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600) * kernel: DoS in rb_per_cpu_empty() (CVE-2021-3679) * kernel: Mounting overlayfs inside an unprivileged user namespace can reveal files (CVE-2021-3732) * kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt() (CVE-2021-20194) * kernel: Race condition in sctp_destroy_sock list_del (CVE-2021-23133) * kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode (CVE-2021-28950) * kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c (CVE-2021-28971) * kernel: protection can be bypassed to leak content of kernel memory (CVE-2021-29155) * kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c (CVE-2021-29646) * kernel: lack a full memory barrier may lead to DoS (CVE-2021-29650) * kernel: local escalation of privileges in handling of eBPF programs (CVE-2021-31440) * kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory (CVE-2021-31829) * kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier (CVE-2021-33200) * kernel: reassembling encrypted fragments with non-consecutive packet numbers (CVE-2020-26146) * kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147) * kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368) * kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50 (CVE-2021-3635) * kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (CVE-2021-3659) * kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure (CVE-2021-20239) * kernel: out of bounds array access in drivers/md/dm-ioctl.c (CVE-2021-31916) 4. Solution: For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section. For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1509204 - dlm: Add ability to set SO_MARK on DLM sockets 1793880 - Unreliable RTC synchronization (11-minute mode) 1816493 - [RHEL 8.3] Discard request from mkfs.xfs takes too much time on raid10 1900844 - CVE-2020-27777 kernel: powerpc: RTAS calls can be used to compromise kernel integrity 1903244 - CVE-2020-29368 kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check 1906522 - CVE-2020-29660 kernel: locking inconsistency in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c can lead to a read-after-free 1912683 - CVE-2021-20194 kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt() 1913348 - CVE-2020-36158 kernel: buffer overflow in mwifiex_cmd_802_11_ad_hoc_start function in drivers/net/wireless/marvell/mwifiex/join.c via a long SSID value 1915825 - Allow falling back to genfscon labeling when the FS doesn't support xattrs and there is a fs_use_xattr rule for it 1919893 - CVE-2020-0427 kernel: out-of-bounds reads in pinctrl subsystem. 1921958 - CVE-2021-3348 kernel: Use-after-free in ndb_queue_rq() in drivers/block/nbd.c 1923636 - CVE-2021-20239 kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure 1930376 - CVE-2020-24504 kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers 1930379 - CVE-2020-24502 kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers 1930381 - CVE-2020-24503 kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers 1933527 - Files on cifs mount can get mixed contents when underlying file is removed but inode number is reused, when mounted with 'serverino' and 'cache=strict ' 1939341 - CNB: net: add inline function skb_csum_is_sctp 1941762 - CVE-2021-28950 kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode 1941784 - CVE-2021-28971 kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c 1945345 - CVE-2021-29646 kernel: improper input validation in tipc_nl_retrieve_key function in net/tipc/node.c 1945388 - CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS 1946965 - CVE-2021-31916 kernel: out of bounds array access in drivers/md/dm-ioctl.c 1948772 - CVE-2021-23133 kernel: Race condition in sctp_destroy_sock list_del 1951595 - CVE-2021-29155 kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory 1953847 - [ethtool] The `NLM_F_MULTI` should be used for `NLM_F_DUMP` 1954588 - RHEL kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps. 1957788 - CVE-2021-31829 kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory 1959559 - CVE-2021-3489 kernel: Linux kernel eBPF RINGBUF map oversized allocation 1959642 - CVE-2020-24586 kernel: Fragmentation cache not cleared on reconnection 1959654 - CVE-2020-24587 kernel: Reassembling fragments encrypted under different keys 1959657 - CVE-2020-24588 kernel: wifi frame payload being parsed incorrectly as an L2 frame 1959663 - CVE-2020-26139 kernel: Forwarding EAPOL from unauthenticated wifi client 1960490 - CVE-2020-26140 kernel: accepting plaintext data frames in protected networks 1960492 - CVE-2020-26141 kernel: not verifying TKIP MIC of fragmented frames 1960496 - CVE-2020-26143 kernel: accepting fragmented plaintext frames in protected networks 1960498 - CVE-2020-26144 kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header 1960500 - CVE-2020-26145 kernel: accepting plaintext broadcast fragments as full frames 1960502 - CVE-2020-26146 kernel: reassembling encrypted fragments with non-consecutive packet numbers 1960504 - CVE-2020-26147 kernel: reassembling mixed encrypted/plaintext fragments 1960708 - please add CAP_CHECKPOINT_RESTORE to capability.h 1964028 - CVE-2021-31440 kernel: local escalation of privileges in handling of eBPF programs 1964139 - CVE-2021-3564 kernel: double free in bluetooth subsystem when the HCI device initialization fails 1965038 - CVE-2021-0129 kernel: Improper access control in BlueZ may allow information disclosure vulnerability. 1965360 - kernel: get_timespec64 does not ignore padding in compat syscalls 1965458 - CVE-2021-33200 kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier 1966578 - CVE-2021-3573 kernel: use-after-free in function hci_sock_bound_ioctl() 1969489 - CVE-2020-36386 kernel: slab out-of-bounds read in hci_extended_inquiry_result_evt() in net/bluetooth/hci_event.c 1971101 - ceph: potential data corruption in cephfs write_begin codepath 1972278 - libceph: allow addrvecs with a single NONE/blank address 1974627 - [TIPC] kernel BUG at lib/list_debug.c:31! 1975182 - CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer [rhel-8.5.0] 1975949 - CVE-2021-3659 kernel: NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c 1976679 - blk-mq: fix/improve io scheduler batching dispatch 1976699 - [SCTP]WARNING: CPU: 29 PID: 3165 at mm/page_alloc.c:4579 __alloc_pages_slowpath+0xb74/0xd00 1976946 - CVE-2021-3635 kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50 1976969 - XFS: followup to XFS sync to upstream v5.10 (re BZ1937116) 1977162 - [XDP] test program warning: libbpf: elf: skipping unrecognized data section(16) .eh_frame 1977422 - Missing backport of IMA boot aggregate calculation in rhel 8.4 kernel 1977537 - RHEL8.5: Update the kernel workqueue code to v5.12 level 1977850 - geneve virtual devices lack the NETIF_F_FRAGLIST feature 1978369 - dm writecache: sync with upstream 5.14 1979070 - Inaccessible NFS server overloads clients (native_queued_spin_lock_slowpath connotation?) 1979680 - Backport openvswitch tracepoints 1981954 - CVE-2021-3600 kernel: eBPF 32-bit source register truncation on div/mod 1986138 - Lockd invalid cast to nlm_lockowner 1989165 - CVE-2021-3679 kernel: DoS in rb_per_cpu_empty() 1989999 - ceph omnibus backport for RHEL-8.5.0 1991976 - block: fix New warning in nvme_setup_discard 1992700 - blk-mq: fix kernel panic when iterating over flush request 1995249 - CVE-2021-3732 kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files 1996854 - dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() 6. Package List: Red Hat Enterprise Linux BaseOS (v. 8): Source: kernel-4.18.0-348.el8.src.rpm aarch64: bpftool-4.18.0-348.el8.aarch64.rpm bpftool-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-4.18.0-348.el8.aarch64.rpm kernel-core-4.18.0-348.el8.aarch64.rpm kernel-cross-headers-4.18.0-348.el8.aarch64.rpm kernel-debug-4.18.0-348.el8.aarch64.rpm kernel-debug-core-4.18.0-348.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debug-devel-4.18.0-348.el8.aarch64.rpm kernel-debug-modules-4.18.0-348.el8.aarch64.rpm kernel-debug-modules-extra-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm kernel-devel-4.18.0-348.el8.aarch64.rpm kernel-headers-4.18.0-348.el8.aarch64.rpm kernel-modules-4.18.0-348.el8.aarch64.rpm kernel-modules-extra-4.18.0-348.el8.aarch64.rpm kernel-tools-4.18.0-348.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-tools-libs-4.18.0-348.el8.aarch64.rpm perf-4.18.0-348.el8.aarch64.rpm perf-debuginfo-4.18.0-348.el8.aarch64.rpm python3-perf-4.18.0-348.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm noarch: kernel-abi-stablelists-4.18.0-348.el8.noarch.rpm kernel-doc-4.18.0-348.el8.noarch.rpm ppc64le: bpftool-4.18.0-348.el8.ppc64le.rpm bpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-4.18.0-348.el8.ppc64le.rpm kernel-core-4.18.0-348.el8.ppc64le.rpm kernel-cross-headers-4.18.0-348.el8.ppc64le.rpm kernel-debug-4.18.0-348.el8.ppc64le.rpm kernel-debug-core-4.18.0-348.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debug-devel-4.18.0-348.el8.ppc64le.rpm kernel-debug-modules-4.18.0-348.el8.ppc64le.rpm kernel-debug-modules-extra-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm kernel-devel-4.18.0-348.el8.ppc64le.rpm kernel-headers-4.18.0-348.el8.ppc64le.rpm kernel-modules-4.18.0-348.el8.ppc64le.rpm kernel-modules-extra-4.18.0-348.el8.ppc64le.rpm kernel-tools-4.18.0-348.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-tools-libs-4.18.0-348.el8.ppc64le.rpm perf-4.18.0-348.el8.ppc64le.rpm perf-debuginfo-4.18.0-348.el8.ppc64le.rpm python3-perf-4.18.0-348.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm s390x: bpftool-4.18.0-348.el8.s390x.rpm bpftool-debuginfo-4.18.0-348.el8.s390x.rpm kernel-4.18.0-348.el8.s390x.rpm kernel-core-4.18.0-348.el8.s390x.rpm kernel-cross-headers-4.18.0-348.el8.s390x.rpm kernel-debug-4.18.0-348.el8.s390x.rpm kernel-debug-core-4.18.0-348.el8.s390x.rpm kernel-debug-debuginfo-4.18.0-348.el8.s390x.rpm kernel-debug-devel-4.18.0-348.el8.s390x.rpm kernel-debug-modules-4.18.0-348.el8.s390x.rpm kernel-debug-modules-extra-4.18.0-348.el8.s390x.rpm kernel-debuginfo-4.18.0-348.el8.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-348.el8.s390x.rpm kernel-devel-4.18.0-348.el8.s390x.rpm kernel-headers-4.18.0-348.el8.s390x.rpm kernel-modules-4.18.0-348.el8.s390x.rpm kernel-modules-extra-4.18.0-348.el8.s390x.rpm kernel-tools-4.18.0-348.el8.s390x.rpm kernel-tools-debuginfo-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-core-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-devel-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-modules-4.18.0-348.el8.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-348.el8.s390x.rpm perf-4.18.0-348.el8.s390x.rpm perf-debuginfo-4.18.0-348.el8.s390x.rpm python3-perf-4.18.0-348.el8.s390x.rpm python3-perf-debuginfo-4.18.0-348.el8.s390x.rpm x86_64: bpftool-4.18.0-348.el8.x86_64.rpm bpftool-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-4.18.0-348.el8.x86_64.rpm kernel-core-4.18.0-348.el8.x86_64.rpm kernel-cross-headers-4.18.0-348.el8.x86_64.rpm kernel-debug-4.18.0-348.el8.x86_64.rpm kernel-debug-core-4.18.0-348.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debug-devel-4.18.0-348.el8.x86_64.rpm kernel-debug-modules-4.18.0-348.el8.x86_64.rpm kernel-debug-modules-extra-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm kernel-devel-4.18.0-348.el8.x86_64.rpm kernel-headers-4.18.0-348.el8.x86_64.rpm kernel-modules-4.18.0-348.el8.x86_64.rpm kernel-modules-extra-4.18.0-348.el8.x86_64.rpm kernel-tools-4.18.0-348.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-tools-libs-4.18.0-348.el8.x86_64.rpm perf-4.18.0-348.el8.x86_64.rpm perf-debuginfo-4.18.0-348.el8.x86_64.rpm python3-perf-4.18.0-348.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm Red Hat Enterprise Linux CRB (v. 8): aarch64: bpftool-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debug-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-348.el8.aarch64.rpm kernel-tools-debuginfo-4.18.0-348.el8.aarch64.rpm kernel-tools-libs-devel-4.18.0-348.el8.aarch64.rpm perf-debuginfo-4.18.0-348.el8.aarch64.rpm python3-perf-debuginfo-4.18.0-348.el8.aarch64.rpm ppc64le: bpftool-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debug-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-348.el8.ppc64le.rpm kernel-tools-debuginfo-4.18.0-348.el8.ppc64le.rpm kernel-tools-libs-devel-4.18.0-348.el8.ppc64le.rpm perf-debuginfo-4.18.0-348.el8.ppc64le.rpm python3-perf-debuginfo-4.18.0-348.el8.ppc64le.rpm x86_64: bpftool-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debug-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-348.el8.x86_64.rpm kernel-tools-debuginfo-4.18.0-348.el8.x86_64.rpm kernel-tools-libs-devel-4.18.0-348.el8.x86_64.rpm perf-debuginfo-4.18.0-348.el8.x86_64.rpm python3-perf-debuginfo-4.18.0-348.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYrdRdzjgjWX9erEAQhs0w//as9X4T+FCf3TAbcNIStxlOK6fbJoAlST FrgNJnRH3RmT+VxRSLWZcsJQf78kudeJWtMezbGSVREfhCMBCGhKZ7mvVp5P7J8l bobmdaap3hqkPqq66VuKxGuS+6j0rXXgGQH034yzoX+L/lx6KV9qdAnZZO+7kWcy SfX0GkLg0ARDMfsoUKwVmeUeNLhPlJ4ZH2rBdZ4FhjyEAG/5yL9JwU/VNReWHjhW HgarTuSnFR3vLQDKyjMIEEiBPOI162hS2j3Ba/A/1hJ70HOjloJnd0eWYGxSuIfC DRrzlacFNAzBPZsbRFi1plXrHh5LtNoBBWjl+xyb6jRsB8eXgS+WhzUhOXGUv01E lJTwFy5Kz71d+cAhRXgmz5gVgWuoNJw8AEImefWcy4n0EEK55vdFe0Sl7BfZiwpD Jhx97He6OurNnLrYyJJ0+TsU1L33794Ag2AJZnN1PLFUyrKKNlD1ZWtdsJg99klK dQteUTnnUhgDG5Tqulf0wX19BEkLd/O6CRyGueJcV4h4PFpSoWOh5Yy/BlokFzc8 zf14PjuVueIodaIUXtK+70Zmw7tg09Dx5Asyfuk5hWFPYv856nHlDn7PT724CU8v 1cp96h1IjLR6cF17NO2JCcbU0XZEW+aCkGkPcsY8DhBmaZqxUxXObvTD80Mm7EvN +PuV5cms0sE=2UUA -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Solution: For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update: https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html For Red Hat OpenShift Logging 5.3, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment 5. JIRA issues fixed (https://issues.jboss.org/): LOG-1168 - Disable hostname verification in syslog TLS settings LOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd LOG-1375 - ssl_ca_cert should be optional LOG-1378 - CLO should support sasl_plaintext(Password over http) LOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate LOG-1494 - Syslog output is serializing json incorrectly LOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server LOG-1575 - Rejected by Elasticsearch and unexpected json-parsing LOG-1735 - Regression introducing flush_at_shutdown LOG-1774 - The collector logs should be excluded in fluent.conf LOG-1776 - fluentd total_limit_size sets value beyond available space LOG-1822 - OpenShift Alerting Rules Style-Guide Compliance LOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled LOG-1862 - Unsupported kafka parameters when enabled Kafka SASL LOG-1903 - Fix the Display of ClusterLogging type in OLM LOG-1911 - CLF API changes to Opt-in to multiline error detection LOG-1918 - Alert `FluentdNodeDown` always firing LOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding 6

Trust: 2.34

sources: NVD: CVE-2020-24588 // JVNDB: JVNDB-2021-006877 // VULMON: CVE-2020-24588 // PACKETSTORM: 163251 // PACKETSTORM: 163253 // PACKETSTORM: 163255 // PACKETSTORM: 163301 // PACKETSTORM: 164875 // PACKETSTORM: 164837 // PACKETSTORM: 164967

AFFECTED PRODUCTS

vendor:ciscomodel:meraki mr12scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.193

Trust: 1.0

vendor:aristamodel:c-75scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mx67cwscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1852scope:eqversion: -

Trust: 1.0

vendor:intelmodel:proset wi-fi 6 ax200scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1542iscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr33scope:eqversion: -

Trust: 1.0

vendor:aristamodel:c-200scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9105scope:eqversion: -

Trust: 1.0

vendor:intelmodel:proset wireless 7265 \scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w1750dscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.12

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:1109-4pscope:eqversion: -

Trust: 1.0

vendor:aristamodel:c-235scope:eqversion: -

Trust: 1.0

vendor:intelmodel:ac 9560scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.9.271

Trust: 1.0

vendor:ciscomodel:webex room 55scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w721-1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex dx80scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr42scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:20h2

Trust: 1.0

vendor:intelmodel:proset wi-fi 6e ax210scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr55scope:eqversion: -

Trust: 1.0

vendor:aristamodel:c-260scope:eqversion: -

Trust: 1.0

vendor:intelmodel:proset ac 9260scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9130axescope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ir829gw-lte-ga-zk9scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex dx70scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1832scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr36scope:eqversion: -

Trust: 1.0

vendor:aristamodel:c-110scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1810scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr44scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9120scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet ap803scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:1803

Trust: 1.0

vendor:siemensmodel:scalance w1748-1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr20scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr70scope:eqversion: -

Trust: 1.0

vendor:aristamodel:w-68scope:eqversion: -

Trust: 1.0

vendor:intelmodel:killer wi-fi 6e ax1675scope:eqversion: -

Trust: 1.0

vendor:intelmodel:proset ac 3168scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mx68cwscope:eqversion: -

Trust: 1.0

vendor:intelmodel:proset ac 9461scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex board 85sscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex room 70 dualscope:eqversion: -

Trust: 1.0

vendor:intelmodel:killer ac 1550scope:eqversion: -

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:ciscomodel:catalyst 9120 apscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w722-1scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 8.1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mx65wscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1810wscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9105axwscope:eqversion: -

Trust: 1.0

vendor:intelmodel:proset ac 8260scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr53scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w1788-1scope:eqversion: -

Trust: 1.0

vendor:aristamodel:c-230scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr45scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows rt 8.1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr84scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr76scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr86scope:eqversion: -

Trust: 1.0

vendor:aristamodel:c-130scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.19

Trust: 1.0

vendor:aristamodel:w-118scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ir829gw-lte-vz-ak9scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:1100-8pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex board 55sscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ir829-2lte-ea-ak9scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion:2004

Trust: 1.0

vendor:intelmodel:proset ac 9462scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.10

Trust: 1.0

vendor:ciscomodel:ip phone 6861scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9130axiscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ip phone 8861scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9120axiscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mx67wscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w786-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w788-2scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wam763-1scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:1809

Trust: 1.0

vendor:siemensmodel:scalance w761-1scope:eqversion: -

Trust: 1.0

vendor:intelmodel:ac 8265scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w774-1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9124axiscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex room kit miniscope:eqversion: -

Trust: 1.0

vendor:intelmodel:proset ac 9560scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9124axdscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki z3cscope:eqversion: -

Trust: 1.0

vendor:intelmodel:ac 9260scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet iw3702scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.4.124

Trust: 1.0

vendor:ciscomodel:meraki mr34scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.12.9

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion:r2

Trust: 1.0

vendor:siemensmodel:scalance w738-1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9120axpscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki gr60scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr26scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:1101-4pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr72scope:eqversion: -

Trust: 1.0

vendor:aristamodel:c-65scope:eqversion: -

Trust: 1.0

vendor:intelmodel:wi-fi 6 ax201scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w778-1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex room 70 dual g2scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9115axiscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:mac80211scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.4.0

Trust: 1.0

vendor:ciscomodel:meraki mr62scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mx68wscope:eqversion: -

Trust: 1.0

vendor:intelmodel:wi-fi 6 ax200scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.14

Trust: 1.0

vendor:aristamodel:c-100scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ir829-2lte-ea-bk9scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ir829gw-lte-na-ak9scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9124scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9117axiscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9105axiscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1842scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ir829gw-lte-ga-ek9scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ip phone 8865scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9117 apscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr46scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wum766-1 6ghzscope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w748-1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1815iscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr32scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex room 70 single g2scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1815scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.4

Trust: 1.0

vendor:ciscomodel:meraki mr74scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ir829gw-lte-ga-ck9scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ip phone 8832scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr46escope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex room 70 singlescope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9117scope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.10.42

Trust: 1.0

vendor:ciscomodel:meraki mr53escope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex room 55 dualscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9130scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:1100scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wum766-1scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w788-1scope:eqversion: -

Trust: 1.0

vendor:aristamodel:c-120scope:eqversion: -

Trust: 1.0

vendor:intelmodel:proset ac 3165scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w1788-2scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki gr10scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:1909

Trust: 1.0

vendor:intelmodel:killer wi-fi 6 ax1650scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex room 70scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ir829-2lte-ea-ek9scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9120axescope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex board 70sscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ir829gw-lte-ga-sk9scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:ip phone 8821scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w786-2scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:1607

Trust: 1.0

vendor:intelmodel:proset ac 8265scope:eqversion: -

Trust: 1.0

vendor:ieeemodel:802.11scope:eqversion:*

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.9.0

Trust: 1.0

vendor:ciscomodel:aironet 1800iscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr30hscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.14.235

Trust: 1.0

vendor:ciscomodel:webex board 55scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 7scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1800scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mx64wscope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows server 2019scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex room kitscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9115axescope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.4.271

Trust: 1.0

vendor:ciscomodel:meraki mr52scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr42escope:eqversion: -

Trust: 1.0

vendor:aristamodel:c-250scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1532scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wum763-1scope:eqversion: -

Trust: 1.0

vendor:intelmodel:proset wi-fi 6 ax201scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:webex board 70scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wam766-1 6ghzscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:1100-4pscope:eqversion: -

Trust: 1.0

vendor:aristamodel:o-105scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance wam766-1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:aironet 1542dscope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:2004

Trust: 1.0

vendor:ciscomodel:catalyst 9130 apscope:eqversion: -

Trust: 1.0

vendor:intelmodel:ac 8260scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w786-2iascope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9115scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:1109-2pscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr66scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w1788-2iascope:eqversion: -

Trust: 1.0

vendor:siemensmodel:scalance w734-1scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki z3scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:meraki mr56scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:catalyst 9115 apscope:eqversion: -

Trust: 1.0

vendor:aristamodel:o-90scope:eqversion: -

Trust: 1.0

vendor:マイクロソフトmodel:microsoft windows rt 8.1scope: - version: -

Trust: 0.8

vendor:ieeemodel:802.11scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 7scope: - version: -

Trust: 0.8

vendor:linuxmodel:mac80211scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2016scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 10scope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:日本電気model:atermscope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows 8.1scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2019scope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2008scope: - version: -

Trust: 0.8

vendor:日本電気model:nec ai acceleratorscope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft windows server 2012scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-006877 // NVD: CVE-2020-24588

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-24588
value: LOW

Trust: 1.0

NVD: CVE-2020-24588
value: LOW

Trust: 0.8

CNNVD: CNNVD-202105-633
value: LOW

Trust: 0.6

VULMON: CVE-2020-24588
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2020-24588
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:N/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2020-24588
baseSeverity: LOW
baseScore: 3.5
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.1
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2020-24588
baseSeverity: LOW
baseScore: 3.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2020-24588 // JVNDB: JVNDB-2021-006877 // CNNVD: CNNVD-202105-633 // NVD: CVE-2020-24588

PROBLEMTYPE DATA

problemtype:CWE-327

Trust: 1.0

problemtype:Lack of authentication for critical features (CWE-306) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-006877 // NVD: CVE-2020-24588

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202105-633

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-202105-633

PATCH

title:top page NEC NEC Product security informationurl:https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html

Trust: 0.8

title:Microsoft Windows Wireless Networking Fixes for access control error vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=151563

Trust: 0.6

title:Red Hat: CVE-2020-24588url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2020-24588

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-24588 log

Trust: 0.1

title:Amazon Linux 2: ALAS2KERNEL-5.4-2022-004url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.4-2022-004

Trust: 0.1

title:Cisco: Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021url:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-wifi-faf-22epcEWu

Trust: 0.1

title:Amazon Linux 2: ALAS2KERNEL-5.10-2022-002url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2KERNEL-5.10-2022-002

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2020-24588

Trust: 0.1

title: - url:https://github.com/kali973/fragAttacks

Trust: 0.1

title:fragattacksurl:https://github.com/vanhoefm/fragattacks

Trust: 0.1

sources: VULMON: CVE-2020-24588 // JVNDB: JVNDB-2021-006877 // CNNVD: CNNVD-202105-633

EXTERNAL IDS

db:NVDid:CVE-2020-24588

Trust: 4.0

db:SIEMENSid:SSA-913875

Trust: 1.7

db:OPENWALLid:OSS-SECURITY/2021/05/11/12

Trust: 1.7

db:JVNid:JVNVU93485736

Trust: 0.8

db:JVNDBid:JVNDB-2021-006877

Trust: 0.8

db:ICS CERTid:ICSA-22-102-04

Trust: 0.7

db:PACKETSTORMid:164875

Trust: 0.7

db:AUSCERTid:ESB-2021.2409

Trust: 0.6

db:AUSCERTid:ESB-2021.2876

Trust: 0.6

db:AUSCERTid:ESB-2021.2509

Trust: 0.6

db:AUSCERTid:ESB-2021.3825

Trust: 0.6

db:AUSCERTid:ESB-2021.2079

Trust: 0.6

db:AUSCERTid:ESB-2021.2290

Trust: 0.6

db:AUSCERTid:ESB-2023.0995

Trust: 0.6

db:AUSCERTid:ESB-2021.2249

Trust: 0.6

db:AUSCERTid:ESB-2021.4254

Trust: 0.6

db:AUSCERTid:ESB-2021.1587

Trust: 0.6

db:AUSCERTid:ESB-2021.2368

Trust: 0.6

db:AUSCERTid:ESB-2023.0845

Trust: 0.6

db:AUSCERTid:ESB-2021.3905

Trust: 0.6

db:AUSCERTid:ESB-2022.1715

Trust: 0.6

db:AUSCERTid:ESB-2021.2136

Trust: 0.6

db:AUSCERTid:ESB-2021.2216

Trust: 0.6

db:AUSCERTid:ESB-2021.1628

Trust: 0.6

db:CS-HELPid:SB2021051814

Trust: 0.6

db:CS-HELPid:SB2021051920

Trust: 0.6

db:CS-HELPid:SB2021051715

Trust: 0.6

db:CS-HELPid:SB2022041319

Trust: 0.6

db:CS-HELPid:SB2022031521

Trust: 0.6

db:CS-HELPid:SB2021051227

Trust: 0.6

db:CS-HELPid:SB2021100407

Trust: 0.6

db:CS-HELPid:SB2021051118

Trust: 0.6

db:PACKETSTORMid:163291

Trust: 0.6

db:PACKETSTORMid:163249

Trust: 0.6

db:ICS CERTid:ICSA-22-104-04

Trust: 0.6

db:ICS CERTid:ICSA-21-236-01

Trust: 0.6

db:LENOVOid:LEN-57316

Trust: 0.6

db:LENOVOid:LEN-61212

Trust: 0.6

db:CNNVDid:CNNVD-202105-633

Trust: 0.6

db:VULMONid:CVE-2020-24588

Trust: 0.1

db:PACKETSTORMid:163251

Trust: 0.1

db:PACKETSTORMid:163253

Trust: 0.1

db:PACKETSTORMid:163255

Trust: 0.1

db:PACKETSTORMid:163301

Trust: 0.1

db:PACKETSTORMid:164837

Trust: 0.1

db:PACKETSTORMid:164967

Trust: 0.1

sources: VULMON: CVE-2020-24588 // JVNDB: JVNDB-2021-006877 // PACKETSTORM: 163251 // PACKETSTORM: 163253 // PACKETSTORM: 163255 // PACKETSTORM: 163301 // PACKETSTORM: 164875 // PACKETSTORM: 164837 // PACKETSTORM: 164967 // CNNVD: CNNVD-202105-633 // NVD: CVE-2020-24588

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-wifi-faf-22epcewu

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-24588

Trust: 2.0

url:https://www.fragattacks.com

Trust: 1.7

url:https://github.com/vanhoefm/fragattacks/blob/master/summary.md

Trust: 1.7

url:http://www.openwall.com/lists/oss-security/2021/05/11/12

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf

Trust: 1.7

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html

Trust: 1.7

url:https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html

Trust: 1.7

url:https://access.redhat.com/security/cve/cve-2020-24588

Trust: 1.0

url:http://jvn.jp/cert/jvnvu93485736/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-26147

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-24586

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-26145

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-23133

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-24587

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-26141

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-26139

Trust: 0.6

url:https://www.qualcomm.com/company/product-security/bulletins/august-2021-bulletin

Trust: 0.6

url:https://support.lenovo.com/us/en/product_security/len-61212

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051227

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051920

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2216

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2876

Trust: 0.6

url:https://source.android.com/security/bulletin/2021-10-01

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3905

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.0995

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1628

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3825

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-104-04

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-102-04

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2368

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021100407

Trust: 0.6

url:https://msrc.microsoft.com/update-guide/vulnerability/cve-2020-24588

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-236-01

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.0845

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051715

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051814

Trust: 0.6

url:https://vigilance.fr/vulnerability/wi-fi-devices-multiple-vulnerabilities-via-fragattacks-35386

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2509

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051118

Trust: 0.6

url:https://packetstormsecurity.com/files/163291/ubuntu-security-notice-usn-5000-2.html

Trust: 0.6

url:https://packetstormsecurity.com/files/164875/red-hat-security-advisory-2021-4140-02.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2249

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2409

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022041319

Trust: 0.6

url:https://packetstormsecurity.com/files/163249/ubuntu-security-notice-usn-4997-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1587

Trust: 0.6

url:https://support.lenovo.com/us/en/product_security/len-57316

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2136

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4254

Trust: 0.6

url:https://device.harmonyos.com/cn/docs/security/update/security-bulletins-phones-202111-0000001218088197

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2079

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2290

Trust: 0.6

url:https://www.huawei.com/cn/psirt/security-notices/huawei-sn-20210513-01-fragattacks-cn

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.1715

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022031521

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-3609

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-33200

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-31829

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-31440

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-32399

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-3506

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-23134

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-33034

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-26143

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-24504

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3600

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20239

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-26144

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3679

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-36158

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3635

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-31829

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-26145

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-36386

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-33200

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-29650

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-0427

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3573

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-29368

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20194

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-24586

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-26147

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-31916

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-26141

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3348

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-28950

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-26140

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-31440

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-26146

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-29646

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-29155

Trust: 0.3

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3732

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-0129

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3489

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-24503

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-29660

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-24587

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-26139

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-28971

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-24502

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-24503

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3659

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3564

Trust: 0.3

url:https://bugzilla.redhat.com/):

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-0427

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-23133

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-24502

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-29155

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-3543

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-26144

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-24504

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20239

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20194

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-0129

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-28950

Trust: 0.2

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-26143

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-29368

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-26140

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36386

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-29660

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-28971

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-36158

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-26146

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-27777

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/327.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2020-24588

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-04

Trust: 0.1

url:https://alas.aws.amazon.com/al2/alaskernel-5.4-2022-004.html

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle-5.8/5.8.0-1033.34~20.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure-5.8/5.8.0-1036.38~20.04.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25670

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1029.32

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1035.37

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/5.8.0-59.66

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25671

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1038.40

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1036.38

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25673

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-59.66~20.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1030.32

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp-5.8/5.8.0-1035.37~20.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws-5.8/5.8.0-1038.40~20.04.1

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-4999-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1033.34

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1046.49

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1048.52

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5000-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1051.53~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1051.53

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1018.19

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1038.41

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gke-5.4/5.4.0-1046.48~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1018.19~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-77.86~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1038.41~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/5.4.0-77.86

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1051.53

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1046.49~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1051.53~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1048.52~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1046.48

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-5001-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1033.34

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/5.11.0-1009.9

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-4997-1

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-4997-2

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4140

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4356

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27777

Trust: 0.1

url:https://issues.jboss.org/):

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24370

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35521

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25014

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13435

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35522

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12762

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20838

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3426

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14615

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17594

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17594

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23841

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-17541

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5827

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3800

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33574

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-42574

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19603

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36332

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24370

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3572

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14145

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3445

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25009

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25012

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36331

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3200

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33033

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25010

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3487

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22876

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-16135

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36312

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23840

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17595

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10001

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25009

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10001

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36085

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35448

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19603

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20673

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-17541

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-20673

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20231

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25013

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3580

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14155

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35524

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-16135

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13751

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17595

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20266

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27645

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33194

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25013

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22925

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22898

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36087

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13751

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36330

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20838

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3778

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20284

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31535

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-35942

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12762

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25014

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14615

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3481

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13435

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36086

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14145

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35523

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28153

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20232

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33560

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3796

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-25010

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18218

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5827

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-36084

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18218

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4627

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-25012

Trust: 0.1

sources: VULMON: CVE-2020-24588 // JVNDB: JVNDB-2021-006877 // PACKETSTORM: 163251 // PACKETSTORM: 163253 // PACKETSTORM: 163255 // PACKETSTORM: 163301 // PACKETSTORM: 164875 // PACKETSTORM: 164837 // PACKETSTORM: 164967 // CNNVD: CNNVD-202105-633 // NVD: CVE-2020-24588

CREDITS

Mitsubishi Electric reported these vulnerabilities to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202105-633

SOURCES

db:VULMONid:CVE-2020-24588
db:JVNDBid:JVNDB-2021-006877
db:PACKETSTORMid:163251
db:PACKETSTORMid:163253
db:PACKETSTORMid:163255
db:PACKETSTORMid:163301
db:PACKETSTORMid:164875
db:PACKETSTORMid:164837
db:PACKETSTORMid:164967
db:CNNVDid:CNNVD-202105-633
db:NVDid:CVE-2020-24588

LAST UPDATE DATE

2024-11-21T22:51:46.170000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2020-24588date:2023-04-01T00:00:00
db:JVNDBid:JVNDB-2021-006877date:2024-02-27T02:33:00
db:CNNVDid:CNNVD-202105-633date:2023-04-03T00:00:00
db:NVDid:CVE-2020-24588date:2023-04-01T22:15:08.467

SOURCES RELEASE DATE

db:VULMONid:CVE-2020-24588date:2021-05-11T00:00:00
db:JVNDBid:JVNDB-2021-006877date:2022-01-24T00:00:00
db:PACKETSTORMid:163251date:2021-06-23T15:35:21
db:PACKETSTORMid:163253date:2021-06-23T15:38:23
db:PACKETSTORMid:163255date:2021-06-23T15:41:26
db:PACKETSTORMid:163301date:2021-06-28T16:22:26
db:PACKETSTORMid:164875date:2021-11-10T17:10:23
db:PACKETSTORMid:164837date:2021-11-10T17:04:39
db:PACKETSTORMid:164967date:2021-11-15T17:25:56
db:CNNVDid:CNNVD-202105-633date:2021-05-11T00:00:00
db:NVDid:CVE-2020-24588date:2021-05-11T20:15:08.613