A vulnerability was found in Linux Kernel's Wi-Fi implementation. An attacker within wireless range can inject a control packet fragment where the kernel does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. Upstream patch: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/ https://lore.kernel.org/linux-wireless/20210511200110.c3f1d42c6746.I795593fcaae941c471425b8c7d5f7bb185d29142@changeid/
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1960493]
Mitigation: Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
This was fixed for Fedora with the 5.12.9 stable kernel updates.
Maybe this patch is also a fix for this? https://lore.kernel.org/linux-wireless/20210511200110.430e8c202313.Ia37e4e5b6b3eaab1a5ae050e015f6c92859dbe27@changeid/
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4140 https://access.redhat.com/errata/RHSA-2021:4140
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4356 https://access.redhat.com/errata/RHSA-2021:4356
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-26141