Select your cookie preferences

We use cookies and similar tools to enhance your experience, provide our services, deliver relevant advertising, and make improvements. Approved third parties also use these tools to help us deliver advertising and provide certain site features.

CVE-2019-9500

Public on 2019-05-29
Modified on 2019-07-22
Description

If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmf_wowl_nd_results() function. This vulnerability can be exploited by compromised chipsets to compromise the host, or when used in combination with another brcmfmac driver flaw (CVE-2019-9503), can be used remotely. This can result in a remote denial of service (DoS). Due to the nature of the flaw, a remote privilege escalation cannot be fully ruled out.

Severity
Important
See what this means
CVSS v3 Base Score
6.5
See breakdown
Continue reading

Affected Packages

Platform Package Release Date Advisory
Amazon Linux 1 kernel 2019-05-29 19:35 ALAS-2019-1214
Amazon Linux 2 - Core kernel 2019-05-29 18:59 ALAS2-2019-1214

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 6.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
NVD CVSSv3 8.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
NVD CVSSv2 7.9 AV:A/AC:M/Au:N/C:C/I:C/A:C