{"id":"CVE-2019-9501","details":"The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.","aliases":["A-130373736","ASB-A-130373736"],"modified":"2026-03-14T09:44:14.439720Z","published":"2020-02-03T21:15:11.487Z","references":[{"type":"ADVISORY","url":"https://kb.cert.org/vuls/id/166939/"},{"type":"EVIDENCE","url":"https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.2"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9501.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}