Buffer overflow bug bites Linux wireless component
Proximity hack threat sparks security update
A security flaw involving a wireless driver poses a severe risk for Linux-based systems.
The buffer overflow bug in NDISwrapper's Windows Wi-Fi driver kicks in when a long Extended Service Set Identifier (ESSID) is processed. The flaw could be used to crash vulnerable systems. In certain conditions, it might even be possible to inject malicious code into systems with kernel-level privileges.
Exploit scenarios would include a hacker near his intended victim who generates malformed traffic to crash affected Linux-based systems.
NDISwrapper version 1.53 is known to be vulnerable. The component appears, for example, in Ubuntu's 2.6.27 kernel. To defend against attack, either update to the latest version of NDISwrapper or install distribution packages that bundle later versions of the program, where available. ®