New bug found in MadWiFi Linux kernel driver

Linux Security : New bug found in MadWiFi Linux kernel driver

Posted by Max on 2007/4/17 16:30:14 (1697 reads)

A software bug has been found in MadWiFi Linux kernel driver that can allow a hacker to take control of a laptop - even when it is not hooked on a WiFi network.

There have not been many Linux WiFi device drivers, and this is actually the first remotely executable WiFi bug. It affects the broadly used MadWiFi Linux kernel device driver for Atheros-based WiFi chipsets, according to Laurent Butti, a security researcher from France Telecom Orange, who found the flaw and released the news in a presentation at last month's Black Hat conference in Amsterdam.

"You may be vulnerable if you do not manually patch your MadWiFi driver," said Butti. Before making it public, he shared the flaw with the MadWiFi development team, who have released a patch. However, not all Linux distributions have yet built the patch into their code, said Butti.

The kernel stack-overflow bug lets an attacker run malicious code, and can be used even if the machine is not actively on a WiFi network, according to Butti, who used "fuzzing" techniques which had been shown by David Maynor and "Johnny Cache" Jon Ellch, at last year's Black Hat USA conference, and previously exploited on Windows and Macintosh systems.

Linux users have previously suffered from a shortage of Linux drivers, and have campaigned to get wireless networks supported in the Linux kernel. With fewer Linux laptops on WiFi networks, security experts - and presumably hackers - have taken longer to get round to Linux drivers, but issue of handling remote data at the kernel level can cause trouble on the open source OS just as easily as any other.

Butti has previously developed the RAW series of proof-of-concept hacker tools. He also found the Windows WiFi flaw by fuzzing, during the Month of Kernel Bugs last year.

Fuzzing is a blessing, according to Butti, because it is a low-cost way for security researchers to uncover obvious bugs that may get overlooked, and exploited by hackers.

In future, he expects fuzzing to reveal bugs in other wireless technologies like WiMax, and wireless USB, as well as many more bugs in the extensions that are regularly added to WiFi.

Previous article - Next article

Other articles
2010/3/18 8:07:31 - Panda Cloud Antivirus Receives ICSA Labs' First Cloud-Based Certification
2010/3/17 15:49:34 - Open-Source Email Security Taken To The Next Level at WebhostingDay
2010/3/17 15:18:40 - McAfee Warns ABout Scareware or Fake Antivirus Software
2010/3/2 5:22:13 - VeriSign and AVG Will Integrate VeriSign Trust(TM) Seal Within AVG LinkScanner(R)
2010/3/1 7:36:12 - New Stealth Software Protects P2P Users From Lawsuits by Copyright Holders
2010/2/24 13:55:16 - New State of The Art Firewall By Palo Alto Networks
2010/2/24 13:50:26 - Beware of Fake Antimalware Programs Like PCsProtector
2010/2/24 13:38:02 - New Registry Cleaner Guide Helps Your PC Perform Faster
2010/2/3 7:32:43 - PC Login Now (Full version) Available Now For Free.
2010/2/3 7:11:57 - Mitto Named One of 20 Top Web Applications

The comments are owned by the poster. We aren't responsible for their content.