Vulnerabilities in drivers for Broadcom Wi-Fi chips threatens array of PCs and mobile devices

Drivers for Wi-Fi chips from Broadcom Company contain a list of vulnerabilities that can affect devices with various OSs, including Linux and macOS.

According to warnings from Ministry of Homeland Security and team of CERT coordination center, bugs allow performing a code, which leads to errors in devices functioning.

Totally were noticed five vulnerabilities in Broadcom wl driver and open driver brcmfmas for Broadcom Wi-Fi chips. While the former contains two vulnerabilities of buffer overflow, the latter is vulnerable in terms of frame confirmation and buffer overflow.

Problems got respective identificators CVE-2019-8564, CVE-2019-9500, CVE-2019-9501, CVE-2019-9502 and CVE-2019-9503. Technical features and list of producers of vulnerable devices can be found here.

Intruders can use issues with Broadcom chips through specially formed Wi-Fi packets for performing any random code though it is noted that bags most often lead to fails in work of devices.

Source: https://blog.quarkslab.com