Tux Machines

Wireless Issue in Linux Reported

Posted by Roy Schestowitz on Oct 13, 2022

Videos: Linuxfx, Amarok Linux, GNOME 43, and Linux Action News

Ubuntu News: Ubuntu Community Council, Advantechâ€™s ITA-460, and Ubuntu LTS Releases

↺ Seclists

Various Linux Kernel WLAN security issues (RCE/DOS) found

↺ Various Linux Kernel WLAN security issues (RCE/DOS) found

[oss-security] Various Linux Kernel WLAN security issues (RCE/DOS) found

↺ [oss-security] Various Linux Kernel WLAN security issues (RCE/DOS) found

Security Researcher Soenke Huster from Tu Darmstadt (

shuster@seemoo.tu-darmstadt.de ) emailed SUSE with a buffer overwrite in

the Linux Kernel mac80211 framework triggered by WLAN frames.

We delegated the issue to the kernel security folks, and Soenke and

Johannes Berg from Intel evaluated and worked on this issue.

During their research they found multiple more problems in the WLAN

stack, exploitable over the air.

Some remotely exploitable kernel WiFi vulnerabilities [LWN.net]

↺ Some remotely exploitable kernel WiFi vulnerabilities [LWN.net]

It would appear that there is a set of memory-related vulnerabilities in the kernel's WiFi stack that can be exploited over the air via malicious packets; five CVE numbers have been assigned to the set. Fixes are headed toward the mainline and should show up in stable updates before too long; anybody who uses WiFi on untrusted networks should probably keep an eye out for the relevant updates.

gemini.tuxmachines.org