New Linux Wi-Fi driver security flaw has been discovered
April 17, 2007
A new security flaw has been discovered in a popular Linux Wi-Fi driver that can enable a potential hacker to take control of a laptop, even while it isn't connected to a Wi-Fi network. Overall, there have not been that many Linux Wi-Fi device drivers, and this could be the first remotely executable Wi-Fi security hole.
According to Laurent Butti, a researcher from France Telecom's Orange division, the new security hole could affect the widely used Mad Wi-Fi Linux kernel device driver for Atheros-based Wi-Fi chipsets. Butti discovered the security hole and released the information in a presentation at last month's Black Hat conference in Amsterdam.
Butti said "you could be vulnerable if you don't manually patch your MadWi-Fi driver."
Before making the news public, Butti shared the potential hole with the MadWi-Fi development team, who have since released a security patch. But not all Linux distributions have yet built the patch into their code, added Butti.
The Linux kernel stack-overflow bug lets an attacker run malicious code, and can be used even if the machine is not even actively on a Wi-Fi network, according to Butti, who used "fuzzing" techniques which had been shown by David Maynor and Jon Ellch, at last year's Black Hat USA conference, and also previously exploited on Windows and Macintosh systems.
Overall, Linux users have previously suffered from a shortage of Linux drivers, and have campaigned to get wireless networks supported in the Linux kernel. With fewer Linux laptops on Wi-Fi networks, security experts (and presumably hackers) have taken longer and longer to get round to Linux drivers.
However, the issue of handling remote data at the kernel level can cause serious trouble on the Linux open source operating system just as easily as any other OS.
Butti has previously developed the RAW series of proof-of-concept hacker tools.
He also found the Windows Wi-Fi flaw by fuzzing, during the Month of Kernel Bugs in 2006.
According to Butti, fuzzing is a blessing, since it's a low-cost way for security researchers to uncover obvious bugs that may get overlooked at first, and then exploited by potential hackers.
In the future, Butti expects fuzzing to reveal other security flaws in various wireless technologies like WiMax, and wireless USB, as well as many more bugs in the extensions that are regularly added to Wi-Fi.
Source: IT World Canada
Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.
You can link to the
Internet Security web site as
much as you like. Read our section on how your company can participate in our
reciprocal link exchange program
and increase your rankings
in the major search engines such as
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing