CVE-2023-50809

In certain Sonos products before S1 Release 11.12 and S2 release 15.9, the mt_7615.ko wireless driver does not properly validate an information element during negotiation of a WPA2 four-way handshake. This lack of validation leads to a stack buffer overflow. This can result in remote code execution within the kernel. This affects Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL, and Five.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.sonos.com/en-us/security-advisory-2024-0001

Configurations

No configuration.

History

13 Aug 2024, 14:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
Summary		(es) En ciertos productos Sonos anteriores a la versión S1 11.12 y S2 versión 15.9, el controlador inalámbrico mt_7615.ko no valida correctamente un elemento de información durante la negociación de un protocolo de enlace de cuatro vías WPA2. Esta falta de validación provoca un desbordamiento del búfer de pila. Esto puede resultar en la ejecución remota de código dentro del kernel. Esto afecta a Amp, Arc, Arc SL, Beam, Beam Gen 2, Beam SL y Five.
CWE		CWE-121

12 Aug 2024, 13:41

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-08-12 13:38

Updated : 2024-08-13 14:35

NVD link : CVE-2023-50809

Mitre link : CVE-2023-50809

CVE.ORG link : CVE-2023-50809

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

7.8 /10