Unrated severityNVD Advisory· Published Feb 3, 2020· Updated Aug 4, 2024

Broadcom wl driver is vulnerable to heap buffer overflow

CVE-2019-9502

Description

The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Broadcom Corporation/wifi driverllm-fuzzy2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: wl

Patches

Vulnerability mechanics

References

blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.htmlmitrex_refsource_MISC
kb.cert.org/vuls/id/166939/mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000