Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-9500

Опубликовано: 16 янв. 2020
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.9
CVSS3: 7.9

Описание

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.

РелизСтатусПримечание
bionic

released

4.15.0-50.54
cosmic

released

4.18.0-20.21
devel

released

5.0.0-15.16
disco

released

5.0.0-15.16
esm-infra-legacy/trusty

not-affected

3.11.0-12.19
esm-infra/bionic

released

4.15.0-50.54
esm-infra/xenial

not-affected

4.2.0-16.19
precise/esm

not-affected

3.0.0-12.20
trusty

not-affected

3.11.0-12.19
trusty/esm

not-affected

3.11.0-12.19

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1039.41
cosmic

released

4.18.0-1016.18
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

not-affected

4.4.0-1002.2
esm-infra/bionic

released

4.15.0-1039.41
esm-infra/xenial

not-affected

4.4.0-1001.10
precise/esm

DNE

trusty

not-affected

4.4.0-1002.2
trusty/esm

not-affected

4.4.0-1002.2

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/xenial

released

4.15.0-1039.41~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc1

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1018.18~18.04.1
cosmic

released

4.18.0-1018.18
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

released

4.15.0-1045.49~14.04.1
esm-infra/bionic

released

4.18.0-1018.18~18.04.1
esm-infra/xenial

released

4.15.0-1045.49
precise/esm

DNE

trusty

released

4.15.0-1045.49~14.04.1
trusty/esm

released

4.15.0-1045.49~14.04.1

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1018.18~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-1018.18~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc1

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1032.34
cosmic

released

4.18.0-1011.12
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1032.34
esm-infra/xenial

released

4.15.0-1032.34~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-1011.12~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-1011.12~18.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc1
xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1032.34
devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1032.34
precise/esm

DNE

trusty/esm

DNE

upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

5.0.0-1011.11~18.04.1
devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty/esm

DNE

upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.18.0-20.21~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-20.21~18.04.1
esm-infra/xenial

released

4.15.0-50.54~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

5.0.0-15.16~18.04.1
cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

5.0.0-15.16~18.04.1
esm-infra/xenial

released

4.15.0-50.54~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1034.34
cosmic

released

4.18.0-1012.12
devel

released

5.0.0-1006.6
disco

released

5.0.0-1006.6
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1034.34
esm-infra/xenial

not-affected

4.4.0-1004.9
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

precise/esm

not-affected

3.13.0-24.46~precise1
trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was ignored]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of life, was ignored
upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was ignored]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of life, was ignored
upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was ignored]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of life, was ignored
upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-13.29~14.04.1
precise/esm

DNE

trusty

not-affected

4.4.0-13.29~14.04.1
trusty/esm

not-affected

4.4.0-13.29~14.04.1
upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc1

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

5.1~rc1
xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1038.43
cosmic

released

4.15.0-1038.43
devel

released

4.15.0-1038.43
disco

released

4.15.0-1038.43
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1038.43
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc1

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1013.15
cosmic

released

4.15.0-1013.15
devel

released

4.15.0-1013.15
disco

released

4.15.0-1013.15
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.15.0-1013.15
esm-infra/xenial

released

4.15.0-1013.15~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

РелизСтатусПримечание
bionic

released

4.15.0-1036.38
cosmic

released

4.18.0-1014.16
devel

released

5.0.0-1008.8
disco

released

5.0.0-1008.8
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc1
xenial

not-affected

4.2.0-1013.19

Показывать по

РелизСтатусПримечание
bionic

not-affected

4.4.0-1077.82
cosmic

DNE

devel

released

5.0.0-1012.12
disco

released

5.0.0-1012.12
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

5.1~rc1
xenial

not-affected

4.4.0-1012.12

Показывать по

Ссылки на источники

EPSS

Процентиль: 87%
0.03469
Низкий

7.9 High

CVSS2

7.9 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-9500

CVSS3: 6.5
redhat
больше 6 лет назад

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.

nvd логотип

CVE-2019-9500

CVSS3: 7.9
nvd
почти 6 лет назад

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.

debian логотип

CVE-2019-9500

CVSS3: 7.9
debian
почти 6 лет назад

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc ...

github логотип

GHSA-6jhq-h73f-x439

CVSS3: 8.3
github
больше 3 лет назад

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.

fstec логотип

BDU:2020-02044

CVSS3: 8.3
fstec
больше 6 лет назад

Уязвимость функции brcmf_wowl_nd_results драйвер Broadcom brcmfmac WiFi ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность

EPSS

Процентиль: 87%
0.03469
Низкий

7.9 High

CVSS2

7.9 High

CVSS3