The big picture
A security flaw in the ‘rtlwifi’ (Realtek WiFi) driver, which is used in Linux devices to communicate with the Linux operating system has been discovered.
The vulnerability was discovered by Nico Waisman from GitHub who tweeted his findings.
The rtlwifi driver allows certain Realtek Wi-Fi modules. It is a feature called the Notice of Absence protocol, a protocol that helps devices power down their radio to conserve energy.
“The bug is serious… if an attacker is currently using that Realtek driver (rtlwifi), then it’s vulnerable to this bug and someone on a wireless distance range can potentially attack him,” Nico Waisman told Threatpost.
The vulnerability is said to be existing for four years prior to its discovery and impacts versions up to the Linux kernel operating system 5.3.6.
The Linux team has developed a patch that is yet to be incorporated.