

Broadcom WiFi chipset drivers contain multiple vulnerabilities

Discussion in 'General Network Security' started by Maghook, Apr 18, 2019.

  1. Maghook

    Maghook Regular Contributor

    Overview

    The Broadcom wl driver and the open-source brcmfmac driver for Broadcom WiFi chipsets contain multiple vulnerabilities. The Broadcom wl driver is vulnerable to two heap buffer overflows, and the open-source brcmfmac driver is vulnerable to a frame validation bypass and a heap buffer overflow.

    Impact


    In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, these vulnerabilities will result in denial-of-service attacks.

    Apple
    Status: Affected

    Asus
    Status: No statement is currently available from the vendor regarding this vulnerability.

    https://www.kb.cert.org/vuls/id/166939/
     
  2. Internet Man

    Internet Man Senior Member

    I wonder how many devices remain vulnerable to Broadpwn
     
  3. ColinTaylor

    ColinTaylor Part of the Furniture

    Note that these are vulnerabilities in the client, not the access point. So in the case of Asus routers this would not be applicable unless it was operating as a client (e.g. media bridge) and connecting to a malicious access point.
     