CVE-2017-11121 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Bcm4355c0 Firmware

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents5 sources

Severity

9.8CRITICALNVD

EPSS

2.1%

top 15.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS Apple Tvos Broadcom Bcm4355c0 Firmware

Timeline

PublishedSep 28

Latest updateMay 14

Description

On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶NVDbroadcom/bcm4355c0_firmware9.44.78.27.0.1.56

▶NVDapple/tvos< 11.0

▶NVDapple/iphone_os< 11.0

🔴Vulnerability Details

GHSA

GHSA-f3pv-j4q8-42fr: On Broadcom BCM4355C0 Wi-Fi chips 9↗2022-05-14

▶

CVEList

CVE-2017-11121: On Broadcom BCM4355C0 Wi-Fi chips 9↗2017-09-27

▶

📋Vendor Advisories

Apple

CVE-2017-11121: iOS 11↗2017-09-19

▶

Apple

CVE-2017-11121: tvOS 11↗2017-09-19

▶

Android

CVE-2017-11121: Wi-Fi driver↗2017-09-01

▶