Multiple Linux Vendor MADWifi Kernel Driver Buffer Overflow

Descrição da Vulnerabilidade:

Citação:

Remote exploitation of a buffer overflow vulnerability in the MadWifi kernel driver could allow an attacker to gain kernel-level privileges.

MadWifi is a kernel driver for wireless chipsets from Atheros. Due to a lack of bounds checking on stack-based buffers a buffer overflow vulnerability is present in this driver.

Análise:

Citação:

Exploitation of this issue would result in an attacker gaining kernel-level privileges. An attacker would need to be within wireless range to exploit this issue. Also, a scanning application must be running on the vulnerable computer for an attacker to take advantage of this issue.

Patches:

Citação:

km_wlan-28pre4-16.6.i586.rpm
km_wlan-28pre4-16.6.x86_64.rpm
km_wlan-28pre8-16.2.i586.rpm
km_wlan-28pre8-16.2.x86_64.rpm

Origem da Informação:
2006-12-07 - Daily Dave Mailing List (julien.tinnes at francetelecom.com) - Madwifi SIOCSIWSCAN vulnerability

2006-12-10 - Gentoo Foundation Inc. - Security Advisory GLSA 200612-09

2006-12-11 - Novell Inc. - SUSE Security Announcement: Madwifi remote root exploit (SUSE-SA:2006:074)

2006-12-09 - US-CERT - Vulnerability Note VU#925529