Security Expert Discloses Critical Linux Bug That Allows Potential System Compromise

• A Linux bug that allows hackers to entirely compromise the infected machines has been disclosed.
• This bug has been classified as ‘critical’ and is tracked as CVE-2019-17666.

The big picture

A security flaw in the ‘rtlwifi’ (Realtek WiFi) driver, which is used in Linux devices to communicate with the Linux operating system has been discovered.

• The ‘rtlwifi’ driver is vulnerable to a buffer overflow attack. The excess data has been observed to affect nearby memory space and alter other data.
• This flaw, tracked as CVE-2019-17666, can be exploited by attackers to launch various cyberattacks.

The vulnerability was discovered by Nico Waisman from GitHub who tweeted his findings.

The details

The rtlwifi driver allows certain Realtek Wi-Fi modules. It is a feature called the Notice of Absence protocol, a protocol that helps devices power down their radio to conserve energy.

• The flaw is because the driver does not check certain packets for compatible length. This can be exploited by adding malicious packets to launch various attacks.
• To trigger the flaw, an attacker can send malicious packets from anywhere within the radio range of the targeted device.
• The vulnerability triggers a buffer overflow that could potentially lead to the system crashing or the attacker obtaining access to execute code remotely.
• The attacker does not need any authentication to exploit the flaw.

“The bug is serious… if an attacker is currently using that Realtek driver (rtlwifi), then it’s vulnerable to this bug and someone on a wireless distance range can potentially attack him,” Nico Waisman told Threatpost.

Impacted versions

The vulnerability is said to be existing for four years prior to its discovery and impacts versions up to the Linux kernel operating system 5.3.6.

The Linux team has developed a patch that is yet to be incorporated.