FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8d20bd48-a4f3-11ec-90de-1c697aa5a594FreeBSD-kernel -- Multiple WiFi issues

Problem Description:

The paper "Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation" reported a number of security vulnerabilities in the 802.11 specification related to frame aggregation and fragmentation.

Additionally, FreeBSD 12.x missed length validation of SSIDs and Information Elements (IEs).

Impact:

As reported on the FragAttacks website, the "design flaws are hard to abuse because doing so requires user interaction or is only possible when using uncommon network settings." Under suitable conditions an attacker may be able to extract sensitive data or inject data.


Discovery 2022-03-15
Entry 2022-03-16
FreeBSD-kernel
ge 13.0 lt 13.0_8

ge 12.3 lt 12.3_3

ge 12.2 lt 12.2_14

CVE-2020-26147
CVE-2020-24588
CVE-2020-26144
SA-22:02.wifi