CVE-2018-4299: A denial of service vulnerability exists in certain Broadcom BCM43xx 802.11n devices when processing certain 802.11r frames. An unauthenticated attacker can exploit this by sending a very large number of 802.11r frames, resulting in a device crash. An attacker can also send a very large number of 802.11r frames with a length less than the length of the maximum allowed frame, resulting in a device crash. It’s recommended that device users switch to the “Low-Rate” 802.11r mode where possible, to reduce the risk of exploitation. This issue does not affect devices running the latest firmware.
Workaround: Upgrade to the latest firmware or disable 802.11r.

CVE-2018-4316: An information disclosure vulnerability exists in certain Broadcom BCM43xx 802.11n devices when processing certain frames. An unauthenticated attacker can exploit this by sending a crafted packet to a vulnerable device. A successful exploit could allow the attacker to determine the device’s configuration.
Workaround: Upgrade to the latest firmware or disable 802.11r.

CVE-2018-4348: A denial of service vulnerability exists in certain Broadcom BCM43xx 802.11n devices when processing certain frames. An unauthenticated attacker can exploit this by sending a crafted packet to a vulnerable device. A successful exploit could result in an endless stream of trap messages being sent to a device

Vulnerable devices

Broadcom BCM43xx 802.11n devices, including those running the latest firmware, are vulnerable to these three vulnerabilities.

Timeline

Published on: 08/23/2022 00:15:00 UTC
Last modified on: 08/24/2022 14:57:00 UTC

References