Improper Input Validation Affecting firmware-nonfree package, versions <20180518-1


Severity

Recommended
0.0
critical
0
10

Snyk's Security Team recommends NVD's CVSS assessment

    Threat Intelligence

    Exploit Maturity
    Mature
    EPSS
    6.3% (94th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-DEBIANUNSTABLE-FIRMWARENONFREE-268121
  • published 7 Feb 2016
  • disclosed 7 Feb 2016

How to fix?

Upgrade Debian:unstable firmware-nonfree to version 20180518-1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream firmware-nonfree package and not the firmware-nonfree package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.