PT-2019-5254 · Broadcom+4 · Brcmfmac Wifi Driver+4
Hugues Anguelkov · Published 2019-02-19 · Updated 2022-04-18 · CVE-2019-9503
CVSS v3.1: 8.3 (High)
Vector: AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
brcmfmac WiFi driver versions prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f
Description
The issue is related to insufficient input validation in the is_wlc_event_frame function of the Broadcom brcmfmac WiFi driver. This can be exploited by a remote, unauthenticated attacker to bypass frame validation, potentially allowing the execution of arbitrary code on a vulnerable system or resulting in denial-of-service conditions. The vulnerability can be triggered by sending specially-crafted WiFi packets.
Recommendations
For versions prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f, consider updating to a version that includes commit a4176ec356c73a46c07c181c6d04039fafa34a9f or later to resolve the issue. As a temporary workaround, consider restricting the use of USB WiFi dongles to minimize the risk of exploitation.
Fix
DoS
RCE
Weakness Enumeration
Related Identifiers
Affected Products
Centos
Red Hat
Suse
Ubuntu
Brcmfmac Wifi Driver