Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-9503
HistoryApr 12, 2019 - 12:00 a.m.

CVE-2019-9503

2019-04-1200:00:00
ubuntu.com
ubuntu.com
15

0.002 Low

EPSS

Percentile

54.7%

The Broadcom brcmfmac WiFi driver prior to commit
a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame
validation bypass. If the brcmfmac driver receives a firmware event frame
from a remote source, the is_wlc_event_frame function will cause this frame
to be discarded and unprocessed. If the driver receives the firmware event
frame from the host, the appropriate handler is called. This frame
validation can be bypassed if the bus used is USB (for instance by a wifi
dongle). This can allow firmware event frames from a remote source to be
processed. In the worst case scenario, by sending specially-crafted WiFi
packets, a remote, unauthenticated attacker may be able to execute
arbitrary code on a vulnerable system. More typically, this vulnerability
will result in denial-of-service conditions.

Notes

Author Note
mdeslaur this was originally called CVE-2019-8564 by mistake
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-50.54UNKNOWN
ubuntu18.10noarchlinux< 4.18.0-20.21UNKNOWN
ubuntu19.04noarchlinux< 5.0.0-15.16UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-157.185UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1039.41UNKNOWN
ubuntu18.10noarchlinux-aws< 4.18.0-1016.18UNKNOWN
ubuntu19.04noarchlinux-aws< 5.0.0-1006.6UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1090.101UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1039.41~16.04.1UNKNOWN
ubuntu18.04noarchlinux-azure< 4.18.0-1018.18~18.04.1UNKNOWN
Rows per page:
1-10 of 431