CVE-2023-21207

In initiateTdlsSetupInternal of staiface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android...

CVE-2023-21207

In initiateTdlsSetupInternal of staiface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android...

Broadcom: Heap overflow in "wlc_tdls_cal_mic_chk" due to large RSN IE in TDLS Setup Confirm frame (CVE-2017-0561)

Broadcom produces the Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. One of the events handled by the BCM...

Broadcom Wi-Fi SoC - Heap Overflow in wlc_tdls_cal_mic_chk Due to Large RSN IE in TDLS Setup Confirm

Exploit for hardware platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1047 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are...

Broadcom Wi-Fi SoC - Heap Overflow 'wlc_tdls_cal_mic_chk' Due to Large RSN IE in TDLS Setup Confirm Frame

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1047 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without...