CVE-2023-50809 Information

Description

In certain Sonos products before S1 Release 11.12 and S2 release 15.9 the mt_7615.ko wireless driver does not properly validate an information element during negotiation of a WPA2 four-way handshake. This lack of validation leads to a stack buffer overflow. This can result in remote code execution within the kernel. This affects Amp Arc Arc SL Beam Beam Gen 2 Beam SL and Five.

Reference

https://www.sonos.com/en-us/security-advisory-2024-0001