CVE-2019-9501: Broadcom wl driver is vulnerable to heap buffer overflow
First published: Mon Feb 03 2020(Updated: )
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Synology Router Manager | =1.2 | |
| Broadcom Bcm4339 Firmware | ||
| Broadcom Bcm4339 | ||
| Google Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html
- https://kb.cert.org/vuls/id/166939/
- https://source.android.com/docs/security/bulletin/2020-07-01/#asterisk
- https://source.android.com/docs/security/bulletin/2020-07-01 (Advisory)
- https://www.bleepingcomputer.com/news/security/broadcom-wifi-driver-flaws-expose-computers-phones-iot-to-rce-attacks/
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is CVE-2019-9501?
CVE-2019-9501 refers to a vulnerability in the Broadcom wl WiFi driver that allows for a heap buffer overflow.
What is the severity of CVE-2019-9501?
CVE-2019-9501 has a severity score of 8.8, which is considered critical.
Which software is affected by CVE-2019-9501?
CVE-2019-9501 affects Google Android, Synology Router Manager version 1.2, and Broadcom Bcm4339 Firmware.
How can the heap buffer overflow in CVE-2019-9501 be triggered?
The heap buffer overflow in CVE-2019-9501 can be triggered by supplying a vendor information element with a data length larger than 32 bytes in the Broadcom wl WiFi driver.
Are Broadcom Bcm4339 devices vulnerable to CVE-2019-9501?
No, Broadcom Bcm4339 devices are not vulnerable to CVE-2019-9501.
- collector/nvd-index
- agent/type
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2019-8564
- alias/CVE-2019-9500
- alias/CVE-2019-9501
- alias/CVE-2019-9502
- alias/CVE-2019-9503
- agent/weakness
- agent/author
- agent/references
- agent/description
- agent/softwarecombine
- agent/news-ai
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/tags
- vendor/synology
- canonical/synology router manager
- version/synology router manager/1.2
- vendor/broadcom
- canonical/broadcom bcm4339 firmware
- canonical/broadcom bcm4339
- vendor/google
- canonical/google android