Wednesday, November 5, 2008

Remote Buffer Overflow Bug in Linux Wireless NDISWrapper Kernel Driver

Via ZDNet -

A remote buffer overflow vulnerability in the Linux Kernel could be exploited by attackers to execute code or cripple affected systems, according to a Gentoo bug report that just became public.

The flaw could allow malicious hackers to launch arbitrary code with kernel-level privileges. This could lead to complete system compromise or, in some cases if an exploit fails, result in denial-of-service attacks.

This from the Gentoo bug report:

  • Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. If ndiswrapper is in use, a physically near-by attacker could generate specially crafted wireless network traffic and crash the system, leading to a denial of service.

Secunia rates this a “moderately critical” vulnerability:

  • The vulnerability is caused due to a boundary error in the ndiswrapper kernel driver when processing wireless network packets. This can be exploited to cause a buffer overflow via an overly long ESSID (Extended Service Set Identifier). Successful exploitation may allow execution of arbitrary code.

The vulnerability (CVE-2008-4395) affects Linux Kernel 2.6.27. As a temporary mitigation, Linux users should disable wireless network cards that are not in use.
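The kind of bounds check whose absence the advisories describe, as an added example (it is not ndiswrapper's code or its fix): code that extracts an ESSID from a frame's tagged elements has to reject any length above the 32-octet limit IEEE 802.11 sets before copying into a fixed-size buffer. The function, struct and sample frames below are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ESSID_MAX_LEN 32   /* IEEE 802.11 caps an SSID at 32 octets */

struct essid_buf {
    size_t len;
    char   name[ESSID_MAX_LEN + 1];
};

/* Constructed sample element lists: (id, length, value) triples. */
static const uint8_t sample_ok[]    = {0x01, 0x01, 0x82, 0x00, 0x04, 'h', 'o', 'm', 'e'};
static const uint8_t sample_long[2 + 40] = {0x00, 40};   /* SSID claims 40 octets */
static const uint8_t sample_trunc[] = {0x00, 0x08, 'a', 'b'}; /* claims 8, carries 2 */

/* Hypothetical helper: copy the SSID element (id 0) into out.
 * Returns 0 on success, -1 if the element is missing, truncated or too long. */
int essid_from_ies(const uint8_t *ies, size_t ies_len, struct essid_buf *out)
{
    size_t off = 0;

    while (ies_len - off >= 2) {
        uint8_t id  = ies[off];
        size_t  len = ies[off + 1];
        off += 2;
        if (len > ies_len - off)
            return -1;            /* length field runs past the received data */
        if (id == 0) {
            if (len > ESSID_MAX_LEN)
                return -1;        /* overly long ESSID: reject before any copy */
            memcpy(out->name, ies + off, len);
            out->name[len] = '\0';
            out->len = len;
            return 0;
        }
        off += len;               /* skip elements we are not interested in */
    }
    return -1;                    /* no SSID element present */
}

int main(void)
{
    struct essid_buf b;
    printf("ok=%d long=%d truncated=%d\n",
           essid_from_ies(sample_ok, sizeof sample_ok, &b),
           essid_from_ies(sample_long, sizeof sample_long, &b),
           essid_from_ies(sample_trunc, sizeof sample_trunc, &b));
    return 0;
}
```

Both checks compare the attacker-controlled length against a bound before `memcpy` runs: one against the data actually received, the other against the destination buffer.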
