SA-2024-103 - MediaTek SDK WLAN Service Input Vali... - Extreme Networks

Summary
In WLAN service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Products Potentially Affected

OS/Product	Exposure
ExtremeCloud IQ (XIQ)	No
ExtremeCloud IQ Controller (IQC/XCC)	No

Repair Recommendations
None.

Please see the full security advisory article here for more details and updates.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)

GTM-P2G8KFN

Extreme Networks

SA-2024-103 - MediaTek SDK WLAN Service Input Validation (CVE-2024-20017)

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)