Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.
During parsing of beacon or probe response frames sent by an access point (AP), the vulnerable code does not properly verify the number of supported links contained in the MLIE (Multi-Link Information Element). When the AP provides more such links than expected, memory corruption occurs (CWE-823 — improper use of pointer). An attacker controlling or impersonating an access point can send a specially crafted frame and trigger this error on a victim device within the wireless network range.
Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code (RCE) or cause system crash, leading to violation of confidentiality, integrity, and availability of the device.
Patches available from the manufacturer should be applied according to the references — a detailed list of vulnerable versions and corresponding updates is available in the Qualcomm Product Security Bulletin from March 2024: https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin
Qualcomm AR8035 Firmware, Qualcomm CSR8811 Firmware, Qualcomm FastConnect 6900 Firmware, and other Qualcomm products indicated in the manufacturer's security bulletin from March 2024.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HQualcomm Ar8035
HWQualcommwszystkie wersjeQualcomm Ar8035 Firmware
OSQualcommwszystkie wersjeQualcomm Csr8811
HWQualcommwszystkie wersjeQualcomm Csr8811 Firmware
OSQualcommwszystkie wersjeQualcomm Fastconnect 6900
HWQualcommwszystkie wersjeQualcomm Fastconnect 6900 Firmware
OSQualcommwszystkie wersjeQualcomm Fastconnect 7800
HWQualcommwszystkie wersjeQualcomm Fastconnect 7800 Firmware
OSQualcommwszystkie wersjeQualcomm Immersive Home 214
HWQualcommwszystkie wersjeQualcomm Immersive Home 214 Firmware
OSQualcommwszystkie wersjeQualcomm Immersive Home 216
HWQualcommwszystkie wersjeQualcomm Immersive Home 216 Firmware
OSQualcommwszystkie wersjeQualcomm Immersive Home 316
HWQualcommwszystkie wersjeQualcomm Immersive Home 316 Firmware
OSQualcommwszystkie wersjeQualcomm Immersive Home 318
HWQualcommwszystkie wersjeQualcomm Immersive Home 318 Firmware
OSQualcommwszystkie wersjeQualcomm Immersive Home 3210
HWQualcommwszystkie wersjeQualcomm Immersive Home 3210 Firmware
OSQualcommwszystkie wersjeQualcomm Immersive Home 326
HWQualcommwszystkie wersjeQualcomm Immersive Home 326 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq5010
HWQualcommwszystkie wersjeQualcomm Ipq5010 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq5028
HWQualcommwszystkie wersjeQualcomm Ipq5028 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq5302
HWQualcommwszystkie wersjeQualcomm Ipq5302 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq5312
HWQualcommwszystkie wersjeQualcomm Ipq5312 Firmware
OSQualcommwszystkie wersjeQualcomm Ipq5332
HWQualcommwszystkie wersjeQualcomm Ipq5332 Firmware
OSQualcommwszystkie wersje
Related vulnerabilities
Qualcomm: Memory Corruption przy ładowaniu uszkodzonego obrazu ELF
Memory corruption w Qualcomm podczas składania pakietów RTP (NALUs)
Qualcomm Firmware — memory corruption przy wyborze PLMN z listy SOR
Qualcomm: podatność kryptograficzna umożliwiająca Auth Bypass podczas pobierania
Qualcomm: Uszkodzenie pamięci przy parsowaniu ML IE w firmware