CVE-2020-26139

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-26139

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-26139.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-26139

Downstream

DEBIAN-CVE-2020-26139

DLA-2689-1

DLA-2690-1

RHSA-2021:4140

RHSA-2021:4356

SUSE-SU-2021:14764-1

SUSE-SU-2021:1887-1

SUSE-SU-2021:1888-1

SUSE-SU-2021:1889-1

SUSE-SU-2021:1890-1

SUSE-SU-2021:1891-1

SUSE-SU-2021:1899-1

SUSE-SU-2021:1912-1

SUSE-SU-2021:1913-1

SUSE-SU-2021:1975-1

SUSE-SU-2021:1977-1

SUSE-SU-2021:2208-1

SUSE-SU-2021:2406-1

SUSE-SU-2021:2421-1

SUSE-SU-2021:2451-1

UBUNTU-CVE-2020-26139

USN-4999-1

USN-5000-1

USN-5000-2

USN-5001-1

USN-5018-1

USN-5343-1

openSUSE-SU-2021:0843-1

openSUSE-SU-2021:0947-1

openSUSE-SU-2021:1975-1

openSUSE-SU-2021:1977-1

Related

Published

2021-05-11T20:15:08Z

Modified

2025-08-09T20:01:27Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.

References

Affected packages