An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.
References
Advertisement
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Information
Published : 2020-02-05 09:15
Updated : 2020-08-11 12:15
NVD link : CVE-2019-15126
Mitre link : CVE-2019-15126
JSON object : View
CWE
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
Advertisement
Products Affected
broadcom
- bcm43012_firmware
- bcm43012
- bcm4375_firmware
- bcm4389_firmware
- bcm4389
- bcm43752
- bcm43013
- bcm43013_firmware
- bcm4356
- bcm43752_firmware
- bcm4375
- bcm4356_firmware
apple
- mac_os_x
- iphone_os
- ipados