The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2020-02-03T21:00:20

Updated: 2024-08-04T21:54:44.149Z

Reserved: 2019-03-01T00:00:00

Link: CVE-2019-9502

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-02-03T21:15:11.547

Modified: 2024-11-21T04:51:44.727

Link: CVE-2019-9502

cve-icon Redhat

No data.