A vulnerability in the Wi-Fi modules of many modern gadgets exposes device to DoS-attacks

Posted: October 26, 2012 in Uncategorized
Tags: , , , ,

Broadcom

Vulnerability in the Wi-Fi modules

In the two non-wireless Internet access production Broadcom found serious flaw that can cause denial of service.

Researchers CoreSecurity Andres Blanco discovered a serious vulnerability in two Wi-Fi-module, which provides wireless access to the Internet, which are installed in a number of modern smartphones.

According to Blanco, chips made by Broadcom Corporation contain unterminated hole that attackers can use to carry out DoS-attacks.

In the study, Blanco found the vulnerability CVE-2012-2619 is present in the chipset BCM4325 and BCM4329 and allows a remote user to DoS-attack, using the read error beyond the borders of the data.

According to experts, the affected products Broadcom BCM4325 completed a number of modern gadgets production of various companies, including Apple iPhone 3GS, Apple iPod 2G, HTC Touch Pro 2, HTC Droid Incredible, Samsung Spica, Acer Liquid, Motorola Devour, and the car Ford Edge.

Chip BCM4329, which is also subject vulnerability is set to Apple iPhone 4, Apple iPod 3G, Apple iPad Wi-Fi, Apple iPad 3G, Apple iPad 2, Apple Tv 2G, Motorola Xoom, Motorola Droid X2, Motorola Atrix, Samsung Galaxy Tab , Samsung Galaxy S 4G, Samsung Nexus S, Samsung Stratosphere, Samsung Fascinate, HTC Nexus One, HTC Evo 4G, HTC ThunderBolt, HTC Droid Incredible 2, LG Revolution, Sony Ericsson Xperia Play, Pantech Breakout, Nokia Lumina 800, Kyocera Echo, Asus Transformer Prime and Malata ZPad.

Detailed description of the vulnerability is available at:

https://malwarelist.net/2012/10/26/denial-of-service-in-the-bcm/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s