A new serious Wi-Fi vulnerability has been reported by security researchers, this time in Linux.
The vulnerability, which resides in the rtlwifi driver that mainly supports the Realtek Wi-Fi chip models used in Linux devices, could allow attackers to compromise a system using nearby Wi-Fi devices.
CVE-2019-17666: Short Technical Description
The flaw has been assigned the identifier CVE-2019-17666 and classified as critical in severity. As already mentioned, the bug exists in the rtlwifi driver, a software component that allows specific Realtek Wi-Fi modules used in Linux devices to communicate with the Linux operating system.
A buffer overflow occurs when a process or program attempts to write more data to a buffer, or block of memory, than the buffer was allocated to hold. Such an attack could trigger a response that damages files, alters data, exposes private information, and sometimes opens a backdoor for attackers.
The vulnerability was discovered by security researcher Nicolas Waisman, who “noticed that even though noa_len is checked for a compatible length it’s still possible to overrun the buffers of p2pinfo since there’s no check on the upper bound of noa_num.”
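The class of bug described in that quote, shown as an added example in C (a simplified model written for this page, not the rtlwifi source): a length check passes, yet the count derived from the length still needs its own upper bound. Only the names `noa_len`, `noa_num` and `p2pinfo` come from the quote; the struct layout, the constants and the function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not the rtlwifi source: sizes and layout are assumptions. */
#define MAX_NOA_NUM  2   /* capacity of the fixed-size arrays */
#define NOA_HDR_LEN  2   /* bytes before the first descriptor */
#define NOA_DESC_LEN 13  /* bytes per descriptor */

struct p2pinfo {
    uint8_t  noa_num;
    uint8_t  noa_count_type[MAX_NOA_NUM];
    uint32_t noa_duration[MAX_NOA_NUM];
};

/* The kind of check the quote says is present: is noa_len a compatible length? */
int noa_len_compatible(size_t noa_len)
{
    return noa_len >= NOA_HDR_LEN &&
           (noa_len - NOA_HDR_LEN) % NOA_DESC_LEN == 0;
}

/* Returns the number of descriptors stored, or -1 if the attribute is rejected. */
int parse_noa(struct p2pinfo *info, const uint8_t *attr, size_t noa_len)
{
    if (!noa_len_compatible(noa_len))
        return -1;
    size_t noa_num = (noa_len - NOA_HDR_LEN) / NOA_DESC_LEN;
    /* The missing upper bound. Without it, a compatible length such as
     * 2 + 13 * 5 yields noa_num = 5 and the loop indexes past both arrays. */
    if (noa_num > MAX_NOA_NUM)
        return -1;
    for (size_t i = 0; i < noa_num; i++) {
        const uint8_t *d = attr + NOA_HDR_LEN + i * NOA_DESC_LEN;
        info->noa_count_type[i] = d[0];
        info->noa_duration[i] = (uint32_t)d[1] | (uint32_t)d[2] << 8 |
                                (uint32_t)d[3] << 16 | (uint32_t)d[4] << 24;
    }
    info->noa_num = (uint8_t)noa_num;
    return (int)noa_num;
}

int main(void)
{
    struct p2pinfo info = {0};
    uint8_t ok[NOA_HDR_LEN + NOA_DESC_LEN * 2] = {0};        /* constructed input */
    uint8_t oversized[NOA_HDR_LEN + NOA_DESC_LEN * 5] = {0}; /* constructed input */
    printf("2 descriptors: %d\n", parse_noa(&info, ok, sizeof ok));
    printf("5 descriptors: %d\n", parse_noa(&info, oversized, sizeof oversized));
    return 0;
}
```

This model rejects an oversized count outright; clamping the count to the array capacity is the other common way to enforce the same bound.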