Stories
Slash Boxes
Comments

SoylentNews is people

Unpatched Linux Bug May Open Devices to Serious Attacks Over Wi-Fi

posted by janrinok on Friday October 18 2019, @08:56PM   Printer-friendly
from the don't-panic-Mr-Mannering! dept.
Security

upstart writes:

Submitted via IRC for carny

Unpatched Linux bug may open devices to serious attacks over Wi-Fi

A potentially serious vulnerability in Linux may make it possible for nearby devices to use Wi-Fi signals to crash or fully compromise vulnerable machines, a security researcher said.

The flaw is located in the RTLWIFI driver, which is used to support Realtek Wi-Fi cards in Linux devices. The vulnerability triggers a buffer overflow in the Linux kernel when a machine with a Realtek Wi-Fi card is within radio range of a malicious device. At a minimum, exploits would allow denial-of-service attacks and possibly could allow a hacker to gain complete control of the computer. The flaw dates back to version 3.12 of the Linux kernel released in 2013.

"The bug is serious," Nico Waisman, who is a principal security engineer at Github, told Ars. "It's a vulnerability that triggers an overflow remotely through Wi-Fi on the Linux kernel, as long as you're using the Realtek (RTLWIFI) driver."

The vulnerability is tracked as CVE-2019-17666. Linux developers proposed a fix on Wednesday that will likely be incorporated into the OS kernel in the coming days or weeks. Only after that will the fix make its way into various Linux distributions.

Waisman said he has not yet devised a proof-of-concept attack that exploits the vulnerability in a way that can execute malicious code on a vulnerable machine.

Original Submission

This discussion has been archived. No new comments can be posted.
Unpatched Linux Bug May Open Devices to Serious Attacks Over Wi-Fi | Log In/Create an Account | Top | 5 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)

  • (Score: 0) by Anonymous Coward on Friday October 18 2019, @10:23PM (2 children)

    by Anonymous Coward on Friday October 18 2019, @10:23PM (#908997)

    Of course from shitty Realtek chipsets.

    Avoid anything Realtek if you can help it.

    A real "bug" would be if anyone can actually get a Realtek device to work, ever.

    • (Score: 0) by Anonymous Coward on Saturday October 19 2019, @12:18AM (1 child)

      by Anonymous Coward on Saturday October 19 2019, @12:18AM (#909043)

      I could go on, but the world runs on realtek components to the point where 90 percent of audio codecs sold for many years were realtek parts.
      And documented/open-source drivers available.

      Unfortunately today they cater to DRM, use signed and encrypted firmware, etc. How the greats always fall.

      • (Score: 0) by Anonymous Coward on Saturday October 19 2019, @06:22PM

        by Anonymous Coward on Saturday October 19 2019, @06:22PM (#909309)

        their ubiquity is not because they are good. realtek is a joke of a company. just look at their shitty fucking website or how long this goddamn bug existed. they are half assed hacks.

  • (Score: 3, Interesting) by Anonymous Coward on Saturday October 19 2019, @12:03AM (1 child)

    by Anonymous Coward on Saturday October 19 2019, @12:03AM (#909033)

    Exploit only affects p2p mode. 99.99+% chance, it does not affect you, even if you have a "vulnerable" realtek card.

    • (Score: 1) by mmlj4 on Saturday October 19 2019, @02:38PM

      by mmlj4 (5451) on Saturday October 19 2019, @02:38PM (#909257) Homepage

      I was wondering about that as well. How could a NIC be affected by a lone P2P node if it's already associated with an AP?

      --
      Need a Linux consultant [joeykelly.net] in New Orleans?
(1)