What's new

Broadcom WiFi chipset drivers contain multiple vulnerabilities

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Maghook

Regular Contributor
Overview

The Broadcom wl driver and the open-source brcmfmac driver for Broadcom WiFi chipsets contain multiple vulnerabilities. The Broadcom wl driver is vulnerable to two heap buffer overflows, and the open-source brcmfmac driver is vulnerable to a frame validation bypass and a heap buffer overflow.

Impact


In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, these vulnerabilities will result in denial-of-service attacks.

Apple
Status: Affected

Asus
Status: No statement is currently available from the vendor regarding this vulnerability.

https://www.kb.cert.org/vuls/id/166939/
 
Note that these are vulnerabilities in the client, not the access point. So in the case of Asus routers this would not be applicable unless it was operating as a client (e.g. media bridge) and connecting to a malicious access point.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top