An unpatched bug in Linux systems could be exploited to crash the entire operating system or, even worse, to gain control of the system from nearby devices using Wi-Fi signals.
The flaw stems from the RTLWIFI driver that supports Realtek Wi-Fi chips in Linux systems. The driver flaw can be triggered as soon as the affected device comes within radio range of a malicious device.
As long as Wi-Fi is turned on on the victim's device, an attacker using a malicious device can attack the Linux system through the Notice of Absence in Wi-Fi Direct, a power-saving feature built into the Wi-Fi technology.
“The attack would work by adding vendor-specific information elements to Wi-Fi beacons that, when received by a vulnerable device, trigger the buffer overflow in the Linux kernel,” writes Ars Technica.
Nico Waisman, a security engineer at GitHub, said that the bug is extremely serious. The flaw is present in version 3.10.1 of the Linux kernel, which was released in 2013.
Found this bug on Monday. An overflow on the linux rtlwifi driver on P2P (Wifi-Direct), while parsing Notice of Absence frames.
The bug has been around for at least 4 years https://t.co/rigXOEId29 pic.twitter.com/vlVwHbUNmf
— Nico Waisman (@nicowaisman) October 17, 2019
Waisman told Ars Technica that he is still working on exploitation and on a proof-of-concept attack that exploits the vulnerability in a way that can execute malicious code on a vulnerable machine.
Linux developers proposed a fix on Wednesday, and it is expected to be incorporated into the kernel in the coming days. The fix will then follow in the various Linux distributions as well.
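The kind of length validation that stops an overflow while parsing a Notice of Absence attribute can be sketched as follows. This is an added example, not the rtlwifi driver's code and not the proposed kernel fix; the simplified attribute layout, the table size `MAX_NOA_DESC`, the function `parse_noa` and the sample bytes are all assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_NOA_DESC 2   /* assumed size of the receiver's fixed table */
#define NOA_DESC_LEN 13  /* count(1) + duration(4) + interval(4) + start(4) */

struct noa_desc { uint8_t count; uint32_t duration, interval, start; };
struct noa_state { size_t n; struct noa_desc d[MAX_NOA_DESC]; };

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* attr = [len lo][len hi][index][ctwindow][descriptors...], avail = bytes received.
 * Returns the number of descriptors stored, or -1 if the attribute is rejected. */
int parse_noa(const uint8_t *attr, size_t avail, struct noa_state *out)
{
    if (avail < 4) return -1;
    size_t len = (size_t)attr[0] | (size_t)attr[1] << 8;
    if (len < 2 || len > avail - 2) return -1;     /* claimed length must fit */
    if ((len - 2) % NOA_DESC_LEN != 0) return -1;  /* whole descriptors only */
    size_t n = (len - 2) / NOA_DESC_LEN;
    if (n > MAX_NOA_DESC) return -1;  /* without this, the loop overruns out->d */
    const uint8_t *p = attr + 4;
    for (size_t i = 0; i < n; i++, p += NOA_DESC_LEN) {
        out->d[i].count = p[0];
        out->d[i].duration = le32(p + 1);
        out->d[i].interval = le32(p + 5);
        out->d[i].start = le32(p + 9);
    }
    out->n = n;
    return (int)n;
}

/* Constructed samples: one descriptor; and a length field claiming three. */
static const uint8_t ok_attr[17] = { 15, 0, 1, 0, 255, 0x10,0,0,0, 0x64,0,0,0 };
static const uint8_t big_attr[43] = { 41, 0, 1, 0 };
static struct noa_state st;

int main(void)
{
    printf("valid: %d\n", parse_noa(ok_attr, sizeof ok_attr, &st));
    printf("oversized: %d\n", parse_noa(big_attr, sizeof big_attr, &st));
    printf("truncated: %d\n", parse_noa(ok_attr, 10, &st));
    return 0;
}
```

The descriptor count comes from a length field the sender controls, so it is checked against both the bytes actually received and the capacity of the destination table before anything is copied.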