Broadcom suffers from a buffer overflow vulnerability when parsing CCKM re-association responses.