Broadcom components

CVE numbers: CVE-2017-9417 [Bulletin-CVE-2017-9417]
Coordinated disclosure?: unknown
Categories: Broadcom components
Details: Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. [NIST-CVE-2017-9417]
Discovered by: Nitay Artenstein of Exodus Intelligence [Discovery-CVE-2017-9417] on: Unknown
Reported on: 2017-07-01 [Bulletin-CVE-2017-9417]
Fixed on: Unknown
Fix released on: Unknown
Affected versions: regex:
Affected devices:
Affected manufacturers: Broadcom [Bulletin-CVE-2017-9417]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-26

CVE numbers: CVE-2017-11120 [Bulletin-CVE-2017-11120]
Coordinated disclosure?: unknown
Categories: Broadcom components
Details: On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, an attacker can craft a malformed RRM neighbor report frame to trigger an internal buffer overflow in the Wi-Fi firmware, aka B-V2017061204. [NIST-CVE-2017-11120]
Discovered by: on: Unknown
Reported on: 2017-09-01 [Bulletin-CVE-2017-11120]
Fixed on: Unknown
Fix released on: Unknown
Affected versions: regex:
Affected devices:
Affected manufacturers: Broadcom [Bulletin-CVE-2017-11120]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-26

CVE numbers: CVE-2017-11121 [Bulletin-CVE-2017-11121]
Coordinated disclosure?: unknown
Categories: Broadcom components
Details: On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205. [NIST-CVE-2017-11121]
Discovered by: on: Unknown
Reported on: 2017-09-01 [Bulletin-CVE-2017-11121]
Fixed on: Unknown
Fix released on: Unknown
Affected versions: regex:
Affected devices:
Affected manufacturers: Broadcom [Bulletin-CVE-2017-11121]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-26

CVE numbers: CVE-2017-7065 [Bulletin-CVE-2017-7065]
Coordinated disclosure?: unknown
Categories: Broadcom components
Details: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. The issue involves the "Wi-Fi" component. It allows remote attackers to execute arbitrary code (on the Wi-Fi chip) or cause a denial of service (memory corruption) by leveraging proximity for 802.11. [NIST-CVE-2017-7065]
Discovered by: on: Unknown
Reported on: 2017-09-01 [Bulletin-CVE-2017-7065]
Fixed on: Unknown
Fix released on: Unknown
Affected versions: regex:
Affected devices:
Affected manufacturers: Broadcom [Bulletin-CVE-2017-7065]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-26

CVE numbers: CVE-2017-13292 [Bulletin-CVE-2017-13292]
Coordinated disclosure?: unknown
Categories: Broadcom components
Details: In wl_get_assoc_ies of wl_cfg80211.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-70722061. References: B-V2018010201. [NIST-CVE-2017-13292]
Discovered by: Daxing Guo of Tencent's Xuanwu Lab [Discovery-CVE-2017-13292] on: Unknown
Reported on: 2018-04-01 [Bulletin-CVE-2017-13292]
Fixed on: Unknown
Fix released on: 2018-04-05 [Bulletin-CVE-2017-13292]
Affected versions: regex:
Affected devices:
Affected manufacturers: Broadcom [Bulletin-CVE-2017-13292]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-25

AndroidVulnerabilities.org