Researcher Discovers Critical Linux WiFi Vulnerability That Existed For Four Years


Linux users unknowingly remained vulnerable to a serious security flaw for almost four years. Recently, a researcher highlighted a critical Linux WiFi vulnerability that could allow system compromise. The bug existed for four years and still awaits a patch.

Linux WiFi Vulnerability Existing For Years

Reportedly, there is a security vulnerability affecting millions of Linux users. The vulnerability primarily affects the Realtek driver (rtlwifi), allowing an adversary to compromise the targeted system. As discovered by the researcher Nico Waisman, the Linux WiFi vulnerability existed for about four years.

Tracked as CVE-2019-17666, this buffer overflow in the kernel is a serious flaw with a critical severity rating. As described,

A vulnerability was found in Linux Kernel up to 5.3.6 (Operating System). It has been classified as critical. This affects the function rtl_p2p_noa_ie of the file drivers/net/wireless/realtek/rtlwifi/ps.c. The manipulation with an unknown input leads to a memory corruption vulnerability.

While describing the vulnerability, Waisman told Ars Technica,

The bug is serious. It’s a vulnerability that triggers an overflow remotely through Wi-Fi on the Linux kernel, as long as you’re using the Realtek (RTLWIFI) driver.

For now, the researcher is working on a proof-of-concept. He believes the vulnerability can lead to remote code execution if exploited.

I’m still working on exploitation… On paper, [this] is an overflow that should be exploitable. Worst-case scenario, [this] is a denial of service; best scenario, you get a shell.

Patch Underway

The vulnerability is particularly dangerous when WiFi is turned on, as it requires no user interaction. Moreover, it only affects devices using the Realtek chip. Vulnerable devices remain safe as long as the WiFi is turned off.

While the Linux kernel team has seemingly devised a fix to address this bug, it still awaits an official rollout for users.
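
Until the fix ships, administrators can check which hosts match the conditions described above. The following script is an added example, not code from the researcher or the kernel team: it reports whether the rtlwifi module is loaded and whether the kernel version falls in the "up to 5.3.6" range. The function names, verdict strings and sample module list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flags hosts matching the advisory's conditions for CVE-2019-17666.
# The version test is a heuristic: distribution kernels may carry a backported fix.

LAST_LISTED="5.3.6"   # "Linux Kernel up to 5.3.6", from the advisory text

# version_le A B: succeed when dotted version A <= B (major.minor.patch).
version_le() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 0
    }'
}

# rtlwifi_loaded FILE: succeed when FILE (in /proc/modules format) lists rtlwifi.
rtlwifi_loaded() {
    awk '$1 == "rtlwifi" { found = 1 } END { exit !found }' "$1" 2>/dev/null
}

# assess RELEASE FILE: print a one-word verdict for a kernel release string
# (as printed by uname -r) and a module list.
assess() {
    base=${1%%[-+]*}              # "5.3.0-18-generic" -> "5.3.0"
    if ! rtlwifi_loaded "$2"; then
        echo "no-rtlwifi"         # driver not loaded: advisory conditions not met
    elif version_le "$base" "$LAST_LISTED"; then
        echo "in-range"           # driver loaded on a listed kernel version
    else
        echo "out-of-range"       # driver loaded, kernel newer than the listed range
    fi
}

# Constructed sample of /proc/modules content (not captured from a real host).
sample_modules() {
    printf '%s\n' \
        'rtl8188ee 110592 0 - Live 0x0000000000000000' \
        'rtlwifi 77824 2 rtl_pci,rtl8188ee, Live 0x0000000000000000' \
        'snd_hda_intel 53248 3 - Live 0x0000000000000000'
}

# Check the running host when its module list is readable.
if [ -r /proc/modules ]; then
    echo "this host: $(assess "$(uname -r)" /proc/modules)"
fi
```

An "in-range" result means the host should be reviewed against the vendor's kernel changelog, since the version number alone does not show whether a fix was backported.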

Let us know your thoughts in the comments.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]