CVE-2017-11122
published 2017-10-04CVE-2017-11122: On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6…
PriorityP336high7.5CVSS 3.0
AVNACLPRNUINSUCHINAN
EPSS
1.00%
77.4th percentile
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | <= 10.3.3 | — |
| apple | tvos | <= 10.2.2 | — |
| apple | tvos | — | — |
| broadcom | bcm4355c0_firmware | <= 9.44.78.27.0.1.56 | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Apple
CVE-2017-11122: tvOS 11
vendor_apple·2017-09-19·CVSS 7.5
CVE-2017-11122 [HIGH] CVE-2017-11122: tvOS 11
Apple Security Update: About the security content of tvOS 11
Product: tvOS
Version: 11
CVE: CVE-2017-11122
Component: Wi-Fi
Impact: A attacker within range may be able to read restricted memory from the Wi-Fi chipset
Description: A validation issue was addressed with improved input sanitization.
Apple
CVE-2017-11122: iOS 11
vendor_apple·2017-09-19·CVSS 7.5
CVE-2017-11122 [HIGH] CVE-2017-11122: iOS 11
Apple Security Update: About the security content of iOS 11
Product: iOS
Version: 11
CVE: CVE-2017-11122
Component: Wi-Fi
Impact: A attacker within range may be able to read restricted memory from the Wi-Fi chipset
Description: A validation issue was addressed with improved input sanitization.
GHSA
GHSA-r6vg-fch5-hgx8: On Broadcom BCM4355C0 Wi-Fi chips 9
ghsa_unreviewed·2022-05-14
CVE-2017-11122 [HIGH] CWE-200 GHSA-r6vg-fch5-hgx8: On Broadcom BCM4355C0 Wi-Fi chips 9
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak due to insufficient length validation, related to ICMPv6 router advertisement offloading.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/144461/Broadcom-ICMPv6-Information-Leak.htmlhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1300https://support.apple.com/HT208112https://support.apple.com/HT208113https://support.apple.com/en-us/HT208112https://support.apple.com/en-us/HT208113http://packetstormsecurity.com/files/144461/Broadcom-ICMPv6-Information-Leak.htmlhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1300https://support.apple.com/HT208112https://support.apple.com/HT208113https://support.apple.com/en-us/HT208112https://support.apple.com/en-us/HT208113
2017-10-04
Published