54 matches found
Input validation
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and unprocessed. I...
CVE-2019-9503
CVE-2019-9503 affects the Broadcom brcmfmac WiFi driver: prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f, the driver is vulnerable to a frame validation bypass. If a firmware event frame is received from a remote source, is_wlc_event_frame may discard or bypass handling, potentially allo...
CVE-2019-9503 Broadcom brcmfmac driver is vulnerable to a frame validation bypass
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and unprocessed. I...
CVE-2019-9503
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and unprocessed. I...
kernel: brcmfmac frame validation bypass
If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and not be processed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1407-1 Rating: important References: 1012382 1020645 1020989 1031492 1047487 1051510 1053043 1062056 1063638 1064388 1066223 1070872 1085539 1087092 1094244 1096480 1096728 1097104 1100132 1103186...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1404-1 Rating: important References: 1050549 1051510 1052904 1053043 1055117 1055121 1055186 1061840 1063638 1065600 1065729 1070872 1082555 1083647 1085535 1085536 1088804 1097583 1097584 1097585...
Broadcom WiFi chipset drivers contain multiple vulnerabilities
Overview The Broadcom wl driver and the open-source brcmfmac driver for Broadcom WiFi chipsets contain multiple vulnerabilities. The Broadcom wl driver is vulnerable to two heap buffer overflows, and the open-source brcmfmac driver is vulnerable to a frame validation bypass and a heap buffer...
CVE-2019-9503
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and unprocessed. I...
UBUNTU-CVE-2019-9503
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the iswlceventframe function will cause this frame to be discarded and unprocessed. I...
Cisco Aironet suffers from a denial of service vulnerability (CNVD-2018-08990)
The Cisco Aironet 1810, 1830, and 1850 Series Access Points are different families of wireless access point devices from Cisco, Inc.Mobility Express Software is a set of management and control software that runs on them. The Mobility Express Software versions 8.4.100.0, 8.5.103.0, and 8.5.105.0 o...
CVE-2018-0235
A vulnerability in the 802.11 frame validation functionality of the Cisco Wireless LAN Controller WLC could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to incomplete input...
Cisco IOS XR Software Local Packet Transport Services Denial of Service Vulnerability
A vulnerability in the Local Packet Transport Services LPTS ingress frame-processing functionality of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause one of the LPTS processes on an affected system to restart unexpectedly, resulting in a brief denial of service DoS...
Cisco Aironet Access Points Denial of Service Vulnerability (CNVD-2017-32919)
The Cisco Aironet 1560, 2800, and 3800 Series Access Points are router access devices from Cisco, Inc. A denial of service vulnerability exists in the 802.11 association request frame handling in the Cisco Aironet 1560, 2800, and 3800 Series Access Points, which arises from a program that fails t...