http://www.theregister.co.uk/2017/04/05/broadcom_wifi_chip_bugs/
There are remote code execution vulnerabilities in Broadcom's SoC WiFi subsystems. Devices can be p0wned over the air, without user interaction, and regardless of handset manufacturer.
Known to be vulnerable are
For those with time to spare, the blow-by-blow provides an interesting insight in the inner workings of these things:
https://googleprojectzero.blogspot.com.au/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html
There are remote code execution vulnerabilities in Broadcom's SoC WiFi subsystems. Devices can be p0wned over the air, without user interaction, and regardless of handset manufacturer.
Known to be vulnerable are
Nexus 5, 6 and 6P, most Samsung flagship devices, plus all iPhones since the iPhone 4 and newer iPods and iPads
For those with time to spare, the blow-by-blow provides an interesting insight in the inner workings of these things:
https://googleprojectzero.blogspot.com.au/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html