VYPR
High severity7.8NVD Advisory· Published Aug 12, 2024· Updated Apr 15, 2026

CVE-2023-50809

CVE-2023-50809

Description

In certain Sonos products before S1 Release 11.12 and S2 release 15.9, the mt_7615.ko wireless driver does not properly validate an information element during negotiation of a WPA2 four-way handshake. This lack of validation leads to a stack buffer overflow. This can result in remote code execution within the kernel. This affects Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL, and Five.

Affected products

3
  • Arc/Arcllm-fuzzy
    Range: < S1 11.12 & < S2 15.9
  • Beam/Beamllm-fuzzy
    Range: < S1 11.12 & < S2 15.9
  • Sonos/Sonos S1llm-fuzzy
    Range: < S1 11.12 & < S2 15.9

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.