Broadcom WiFi Chipset Drivers are prone to multiple heap-based buffer-overflow vulnerabilities.
Attackers may exploit these issues to execute arbitrary code within the context of the affected application. Failed exploits may result in denial-of-service conditions.
Information
CVE-2019-9502
Broadcom Wifi Driver 0
Broadcom BCM4352 6.30.223.0
Broadcom BCM43236 6.37.14.105
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
- Linux Homepage (Linux)
- Reverse-engineering Broadcom wireless chipsets (quarkslab.com)
- Synology-SA-19:18 Broadcom Wi-Fi Driver (Synology)
- VU#166939: Broadcom WiFi chipset drivers contain multiple vulnerabilities (CERT)