Linux Kernel Wi-Fi Brcmfmac Component Bsscfg Index Validation Vulnerability

Vulnerability

A vulnerability exists in the Linux kernel's handling of interface events for the Brcmfmac Wi-Fi driver. The issue arises because the driver validates the firmware-provided interface index but fails to properly check the corresponding Bsscfg index before using it to access the driver's interface list. This oversight could lead to invalid memory access or other unintended behavior.
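The missing check described above, as an added example that is not the kernel's own code: a validator that bounds only the interface index beside one that also bounds the Bsscfg index before it is used as an array subscript. The struct and function names and the MAX_IFS value are hypothetical, and the sample events are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_IFS 16 /* assumed size of the driver's interface list */

/* Hypothetical stand-ins for the firmware event and driver state. */
struct if_event { uint8_t ifidx; uint8_t bsscfgidx; };
struct iface    { int id; };
struct driver   { struct iface *iflist[MAX_IFS]; };

/* Check as described for the flawed code: only ifidx is bounded. */
static bool event_ok_ifidx_only(const struct if_event *ev)
{
    return ev->ifidx < MAX_IFS;
}

/* Hardened check: bound every index later used as an array subscript. */
static bool event_ok(const struct if_event *ev)
{
    return ev->ifidx < MAX_IFS && ev->bsscfgidx < MAX_IFS;
}

/* Look up by bsscfgidx; NULL if the event is rejected or the slot is empty. */
static struct iface *lookup_iface(struct driver *drv, const struct if_event *ev)
{
    if (!event_ok(ev)) {
        fprintf(stderr, "dropping event: ifidx=%u bsscfgidx=%u\n",
                (unsigned)ev->ifidx, (unsigned)ev->bsscfgidx);
        return NULL;
    }
    return drv->iflist[ev->bsscfgidx];
}

int main(void)
{
    static struct iface wlan0 = { .id = 0 };
    struct driver drv = { .iflist = { [0] = &wlan0 } };
    struct if_event good = { .ifidx = 0, .bsscfgidx = 0 };   /* constructed */
    struct if_event bad  = { .ifidx = 1, .bsscfgidx = 200 }; /* constructed */

    printf("ifidx-only check accepts bad event: %d\n", event_ok_ifidx_only(&bad));
    printf("good -> %p, bad -> %p\n",
           (void *)lookup_iface(&drv, &good), (void *)lookup_iface(&drv, &bad));
    return 0;
}
```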

Impact

Improper validation of Bsscfg indices in the Brcmfmac Wi-Fi driver can result in memory corruption or undefined behavior, potentially leading to a denial of service or other security issues.

Reproduction

The vulnerability can be reproduced by sending interface events to the Brcmfmac driver with invalid Bsscfg indices that do not correspond to the driver's interface list. This can be done by manipulating the firmware or using a custom driver that sends such events.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit that resolves this issue is available in the Linux kernel stable tree.

Added: May 6, 2026, 10:36 AM
Updated: May 6, 2026, 10:36 AM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 7.6
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.