CVE-2017-9417 “Broadpwn”

Bug #1713276 reported by Adam Smith on 2017-08-26
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-firmware (Ubuntu)
High
Seth Forshee

Bug Description

Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.

Cypress (was Broadcom) have given the Raspberry Pi foundation new releases of the WiFi and Bluetooth firmware to fix the problem. See https://github.com/raspberrypi/linux/issues/1342#issuecomment-321221748

The pre-release files found at the above link are now included in the latest release of raspbian stretch.

Would it be possible to include these new files in the linux-firmware package? Please note at the moment the package is missing the file brcmfmac43430-sdio.txt. Without this file the wifi does not work on the raspberry pi 3.

CVE References

Seth Forshee (sforshee) on 2017-08-29
Changed in linux-firmware (Ubuntu):
assignee: nobody → Seth Forshee (sforshee)
importance: Undecided → High
status: New → Confirmed
Seth Forshee (sforshee) wrote :

The file you linked to does not contain any license information, without that we cannot incorporate it into Ubuntu. In searching I can't find specific information about which firmware version has the fix, but even the RPi-Distro github trees do not seem to have been updated. So I haven't been able to find an updated version of the firmware that we will be able to distribute.

Broadcom did push a version of the firmware to upstream linux-firmware at some point, and this is the version we have in Ubuntu's linux-firmware. The best case is for Broadcom to update the firmware there, then we can easily pull it into Ubuntu.

Seth Forshee (sforshee) wrote :

Sorry, same problem as before. There's still no license information, and without that we cannot know if we are allowed to redistribute the firmware.

Adam Smith (adamsmith) wrote :

I guess this is fixed in 18.10 due to new firmware files.

I've created a new bug on the missing brcmfmac43430-sdio.txt file https://bugs.launchpad.net/ubuntu/+source/linux-firmware/+bug/1799443 . In there I've put a link to a discussion on the license.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers