kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: The PMK parameter is now passed as binary data, rather than hexadecimal data. It appears that the hexadecimal passphrase mechanism does not work on newer chips/firmwares e.g., BCM4387. There was actually...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

The brcm80211 component in the Linux kernel, from version 6.5.10 onwards, has a use-after-free issue in the code for disconnecting devices via hotplug i.e., removing the USB connection. For attackers who have physical access and local privileges, “this could be exploited in a real-world scenario....

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010814)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010814 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004285)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004285 advisory. The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN...

kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()

A use after free exists in the wifi module of the linux kernel in the function brcmfnetdevstartxmit,thereby leading to damage to system availability and integrity...

kernel: wifi: brcmfmac: Check the return value of of_property_read_string_index()

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check the return value of ofpropertyreadstringindex Somewhen between 6.10 and 6.11 the driver started to crash on my MacBookPro14,3. The property doesn't exist and 'tmp' remains uninitialized, so we pass a random...

EUVD-2017-1178

Malware in sbrugna...

EUVD-2019-18874

Malware in sbrugna...

EUVD-2019-18876

Malware in sbrugna...

EUVD-2019-18877

Malware in sbrugna...

EUVD-2017-1179

Malware in sbrugna...

EUVD-2019-18875

Malware in sbrugna...

UBUNTU-CVE-2023-53213

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: slab-out-of-bounds read in brcmfgetassocies Fix a slab-out-of-bounds read that occurs in kmemdup called from brcmfgetassocies. The bug could occur when associnfo-reqlen, data from a URB provided by a USB device, i...

Linux Distros Unpatched Vulnerability : CVE-2017-0430

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of...

Linux Distros Unpatched Vulnerability : CVE-2017-0509

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of...

Linux Distros Unpatched Vulnerability : CVE-2022-3628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can...

CVE-2019-9501

The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlcwpasupeapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote,...

kernel: wifi: brcmfmac: pcie: handle randbuf allocation failure

in linux kernel wifi, the kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. Thereafter if getrandombytes is used, a null pointer dereference is triggered, causing allocation failure...

kernel: wifi: brcmfmac: pcie: handle randbuf allocation failure

in linux kernel wifi, the kzalloc in brcmfpciedownloadfwnvram will return null if the physical memory has run out. Thereafter if getrandombytes is used, a null pointer dereference is triggered, causing allocation failure...