If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and not be processed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a WiFi dongle). This can allow firmware event frames from a remote source to be processed and this can result in denial of service (DoS) condition.

References

blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html#cve-2019-9503-remotely-sending-firmware-events-bypassing-is-wlc-event-frame

bugzilla.redhat.com/show_bug.cgi?id=1701842

kb.cert.org/vuls/id/166939/

nvd.nist.gov/vuln/detail/CVE-2019-9503

www.bleepingcomputer.com/news/security/broadcom-wifi-driver-flaws-expose-computers-phones-iot-to-rce-attacks/

www.cve.org/CVERecord?id=CVE-2019-9503

nvd 4

cve 4

debiancve 2

cvelist 3

veracode 1

prion 3

nessus 66

redhat 6

redhatcve 2

ubuntucve 2

f5 1

cert 1

mscve 1

oraclelinux 5

attackerkb 1

openvas 42

ubuntu 7

amazon 2

cloudfoundry 2

suse 3

osv 3

debian 5

fedora 17

slackware 1

androidsecurity 1

centos 1

ibm 2

nvd

CVE-2019-9503

2020-01-16 21:15:12

CVE-2019-9500

2020-01-16 21:15:12

CVE-2019-9466

2019-11-13 20:15:11

cve

CVE-2019-9503

2020-01-16 21:15:12

CVE-2019-9500

2020-01-16 21:15:12

CVE-2019-9466

2019-11-13 20:15:11

debiancve

CVE-2019-9503

2020-01-16 21:15:12

CVE-2019-9500

2020-01-16 21:15:12

cvelist

CVE-2019-9503 Broadcom brcmfmac driver is vulnerable to a frame validation bypass

2020-01-16 20:35:18

CVE-2019-9500 Broadcom brcmfmac driver is vulnerable to a heap buffer overflow

2020-01-16 20:35:18

CVE-2019-15126

2020-02-05 16:17:37

veracode

Denial Of Service (DoS)

2020-06-13 03:28:21

prion

Input validation

2020-01-16 21:15:00

Heap overflow

2020-01-16 21:15:00

Information disclosure

2020-02-05 17:15:00

nessus

Fedora 29 : kernel (2019-8219efa9f6)

2019-05-03 00:00:00

Fedora 28 : kernel (2019-a6cd583a8d)

2019-05-07 00:00:00

RHEL 7 : kpatch-patch (RHSA-2019:2945)

2019-10-02 00:00:00

redhat

(RHSA-2019:2945) Important: kpatch-patch security update

2019-10-01 07:28:36

(RHSA-2019:2741) Important: kernel-rt security and bug fix update

2019-09-11 16:33:02

(RHSA-2019:2703) Important: kernel security and bug fix update

2019-09-10 10:36:22

redhatcve

CVE-2019-9500

2020-04-05 17:08:20

CVE-2019-15126

2020-03-06 16:40:50

ubuntucve

CVE-2019-9503

2019-04-12 00:00:00

CVE-2019-9500

2019-04-12 00:00:00

K50081147 : Linux kernel vulnerabilities CVE-2019-9500, CVE-2019-9503

2022-07-21 00:00:00

cert

Broadcom WiFi chipset drivers contain multiple vulnerabilities

2019-04-17 00:00:00

mscve

Microsoft HoloLens Remote Code Execution Vulnerabilities

2019-06-11 07:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2020-05-07 00:00:00

kernel security and bug fix update

2019-09-12 00:00:00

Unbreakable Enterprise kernel security update

2020-05-06 00:00:00

attackerkb

CVE-2019-15126 aka Kr00k

2020-02-05 00:00:00

openvas

Ubuntu: Security Advisory (USN-4076-1)

2019-07-26 00:00:00

Ubuntu: Security Advisory (USN-4095-1)

2019-08-14 00:00:00

SUSE: Security Advisory (SUSE-SU-2019:1242-1)

2021-04-19 00:00:00

ubuntu

Linux kernel vulnerabilities

2019-07-25 00:00:00

Linux kernel vulnerabilities

2019-08-13 00:00:00

Linux kernel vulnerabilities

2019-05-14 00:00:00

amazon

Important: kernel

2019-05-29 19:35:00

Important: kernel

2019-05-29 18:59:00

cloudfoundry

USN-3981-2: Linux kernel (HWE) vulnerabilities (AKA ZombieLoad Attack) | Cloud Foundry

2019-05-20 00:00:00

USN-4095-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2019-08-29 00:00:00

suse

Security update for the Linux Kernel (important)

2019-05-16 00:00:00

Security update for the Linux Kernel (important)

2019-05-31 00:00:00

Security update for the Linux Kernel (important)

2019-05-20 00:00:00

osv

linux - security update

2019-06-17 00:00:00

linux-4.9 - security update

2019-06-17 00:00:00

linux - security update

2019-05-23 00:00:00

debian

[SECURITY] [DSA 4465-1] linux security update

2019-06-17 18:00:31

[SECURITY] [DSA 4465-1] linux security update

2019-06-17 18:00:31

[SECURITY] [DLA 1824-1] linux-4.9 security update

2019-06-18 10:23:55

fedora

[SECURITY] Fedora 29 Update: kernel-5.0.10-200.fc29

2019-05-03 03:44:13

[SECURITY] Fedora 29 Update: kernel-5.0.16-200.fc29

2019-05-15 16:48:45

[SECURITY] Fedora 29 Update: kernel-5.0.19-200.fc29

2019-06-04 02:23:01

slackware

[slackware-security] kernel

2019-06-18 22:33:08

androidsecurity

Pixel Update Bulletin—November 2019

2019-11-04 00:00:00

centos

bpftool, kernel, perf, python security update

2020-04-08 17:30:30

ibm

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-za

2019-07-25 15:25:01

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities

2021-08-13 22:15:02

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.002 Low

EPSS

Percentile

55.0%

JSON

Related for RH:CVE-2019-9503