A security flaw involving a wireless driver poses a severe risk for Linux-based systems.

The buffer overflow bug in NDISwrapper's Windows Wi-Fi driver kicks in when a long Extended Service Set Identifier (ESSID) is processed. The flaw could be used to crash vulnerable systems. In certain conditions, it might even be possible to inject malicious code into systems with kernel-level privileges.

Exploit scenarios would include a hacker near his intended victim who generates malformed traffic to crash affected Linux-based systems.

NDISwrapper version 1.53 is known to be vulnerable. The component appears, for example, in Ubuntu's 2.6.27 kernel. To defend against attack, either update to the latest version of NDISwrapper or install distribution packages that bundle later versions of the program, where available. ®

Related stories

• Bug in latest Linux gives untrusted users root access (3 November 2009)
• Clever attack exploits fully-patched Linux kernel (17 July 2009)
• Research spies holes in Fortune 1000 wireless nets (6 April 2009)
• Penguin-free Linux 2.6.29 kernel released (24 March 2009)
• Cisco wireless flaws pose DoS risk (6 February 2009)
• Researchers find more flaws in wireless security (8 November 2008)
• Review Ubuntu 8.10 - All Hail new Network Manager (3 November 2008)
• Turbo-charged wireless hacks threaten networks (10 October 2008)
• Enterprises throw caution to the wind in 802.11n rush (13 September 2008)
• Open source release takes Linux rootkits mainstream (4 September 2008)
• Red Hat hack prompts critical OpenSSH update (22 August 2008)
• Open Wi-Fi network wraps Mumbai man in bomb blast probe (1 August 2008)
• Weird WEP bug strikes Centrino 2 Wi-Fi (17 July 2008)
• Yet another hole found in BT Wi-Fi router (28 May 2008)