CVE-2017-9417 firmware fix with b43-fwcutter?
Larry Finger
Larry.Finger at lwfinger.net
Wed Sep 6 14:26:04 PDT 2017
On 09/06/2017 12:58 AM, Drew Scott Daniels wrote:
> Hi,
> Is there newer firmware that fixes the CVE-2017-9417 vulnerability or does
> it not apply to devices supported by this driver? If there is a different
> CVE not released you can say that this doesn't apply. Is there newer
> firmware in pre-release (e.g. brcmfw_170808.tgz)or is that firmware
> unrelated (e.g. just for the BCM43430 that isn't listed as supported)?
>
> https://blog.exodusintel.com/2017/07/26/broadpwn/ indicates the
> vulnerabilities are focused in HardMAC and seems to imply that SoftMAC isn't
> vulnerable (at least on the firmware side as the vulnerability is in the MAC
> code). The models listed as affected on that site are BCM4339 through
> BCM4361 though it seems others may be affected.
For the devices handled by b43, I do not think that Broadpwm is a problem. As
the blog states "On laptops and desktop computers, the WiFi chipset generally
handles the PHY layer while the kernel driver is responsible for handling layer
3 and above.". Of course, that exploit could be a problem for mac80211, but that
would be true for all softmac devices. A second reason is that the b43 and
b43legacy devices do not run a general-purpose on-board processor such as ARM.
What they have is better described as a micro controller. That firmware would be
hard to modify for an exploit.
Larry
More information about the b43-dev
mailing list