Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-0801Improper Input Validation in Apple OS X EL Capitan V10.11.4 AND Security Update 2016-002

CWE-20Improper Input Validation12 documents9 sources
Severity
9.8CRITICALNVD
EPSS
47.5%
top 2.29%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
8
Debian Firmware-nonfreeApple Iphone OSApple MAC OS X+5 more
Timeline
PublishedFeb 7
Latest updateMay 14

Description

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages11 packages

NVDgoogle/android5 versions+4
debiandebian/firmware-nonfree< firmware-nonfree 20180518-1 (bookworm)
NVDapple/tvos9.1

🔴Vulnerability Details

2
GHSA
GHSA-f9jm-8gc5-4v7g: The Broadcom Wi-Fi driver in the kernel in Android 42022-05-14
OSV
CVE-2016-0801: The Broadcom Wi-Fi driver in the kernel in Android 42016-02-07

💥Exploits & PoCs

1
Exploit-DB
Google Android Broadcom Wi-Fi Driver - Memory Corruption2016-05-11

📋Vendor Advisories

7
Red Hat
squid: Cache poisoning issue in HTTP Request handling2016-05-06
Android
CVE-2016-0801: Android Security Bulletin 2016-02-01 CVE: CVE-2016-0801 Severity: CRITICAL Affected AOSP versions: 42016-02-01
Debian
CVE-2016-0801: firmware-nonfree - The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before ...2016
Apple
CVE-2016-0801: iOS 9.3
Apple
CVE-2016-0801: watchOS 2.2

💬Community

1
Bugzilla
CVE-2016-4553 squid: Cache poisoning issue in HTTP Request handling2016-05-09