CYBER NEWS

CVE-2019-17666: Severe Linux Vulnerability in the rtlwifi Driver


A new serious Wi-Fi vulnerability has been reported by security researchers, this time in Linux.

The vulnerability which resides in the rtlwifi driver that mainly supports the Realtek Wi-Fi chips model used in Linux devices, could allow attackers compromise a system using nearby Wi-Fi devices.




CVE-2019-17666: Short Technical Description

The flaw is assigned the CVE-2019-17666 identifier, and has been classified as critical in severity. As already mentioned, the bug exists in the rtlwifi driver, a software component which allows specific Realtek Wi-Fi modules, used in Linux devices, to communicate with the Linux operating system.

A buffer overflow attack would occur when a process or a specific program attempts to write more data in buffer or block of memory than the actual buffer is allocated to hold the data. Such an attack could trigger a response that damages files, changes data or exposes private information, alter the data, and sometimes open the backdoor for attackers.

The vulnerability was discovered by security researcher Nicolas Waisman who “noticed that even though noa_len is checked for a compatible length it’s still possible to overrun the buffers of p2pinfo since there’s no check on the upper bound of noa_num.

Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...