QwikSec

Security Database

CVE

CWE

Training

CVE-2020-26147

Published: May 11, 2021

Modified: Apr 14, 2026

PUBLISHED

Description

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20210511 Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021

vendor-advisory

x_refsource_CISCO

https://www.fragattacks.com

x_refsource_MISC

https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md

x_refsource_MISC

[oss-security] 20210511 various 802.11 security issues - fragattacks.com

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update

mailing-list

x_refsource_MLIST

https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf

x_refsource_CONFIRM

https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.