News

Github employee discovers vulnerability in Realtek WiFi driver on Linux

By admin
Spread the love

A problem in the Linux drivers of Realtek WiFi chips could allow users to remotely crash or take over other people’s systems. The bug allows attackers to cause a buffer overflow on nearby Linux systems.

The bug, designated CVE-2019-17666, was introduced in 2013 Linux kernel version 3.10.1 and has not yet been fixed. The problem is in the RTLWIFI driver, which is used to support Realtek WiFi chips on Linux. At the very least, the bug appears to be capable of causing an operating system crash. The flaw may even allow malicious parties to take over entire systems.

The vulnerability could theoretically be exploited when an affected system is in radio range of a malicious user. This does not require access to the affected device, provided it has Wi-Fi turned on. The vulnerability uses the Notice of Absence feature for power saving. This function is incorporated in Wi-Fi Direct, a standard that allows two devices to connect via WiFi without the need for an access point. The vulnerability cannot be exploited if the WiFi on a device is turned off. Systems that contain a WiFi chip from another manufacturer are also safe. Ars Technica writes that Android devices with Realtek chips may also be vulnerable, based on two different links. This cannot yet be said with certainty. Google has not yet responded to this, Ars Technica reports.

The bug was found by Nico Waisman of Github. After he found this one, he shared his discovery on Twitter. According to Waisman, this bug is a serious problem. “It’s a vulnerability that a [buffer] can cause overflow over Wi-Fi on the Linux kernel, provided you use a Realtek driver,” Waisman tells Ars Technica. Waisman himself has not yet been able to create a proof of concept attack that allows remote code execution. Exploitation of the vulnerability on paper is possible, in the worst case a full-blown denial of service attack, in the best case attackers are given a shell, an environment where users can execute commands and programs.

Linux developers proposed a possible solution on Wednesday. It will probably be added to the Linux kernel shortly.

You might also like
News

X begins to deploy the audio and video calling function (but only paying users can…

News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Telegram has over 800 million active users and is not yet profitable

News

Anticheat FaceIT gets Linux version, enables Steam Deck support

News

Brave sells web content as data for AI training