Vulnerabilities in the Linux kernel enable code to be smuggled over WLAN

Attackers can use manipulated WLAN packets to inject malicious code into a vulnerable Linux kernel. This emerges from an email by SUSE employee Marcus Meissner. Sönke Huster of TU Darmstadt discovered one of the vulnerabilities.

According to Meissner, Intel employee Johannes Berg worked with Huster to assess and fix the vulnerability. In doing so, they encountered further problems in the WLAN stack that could be abused "over the air".

Sönke Huster provides more detail in an additional email, including prepared packets, crash logs and explanations of the vulnerabilities. A total of five vulnerabilities were compiled with their CVE entries. However, IT security experts are still assessing their severity under CVSS.

| CVE number | Type | Short description |
| --- | --- | --- |
| CVE-2022-41674 | RCE | fix u8 overflow in cfg80211_update_notlisted_nontrans -> write of at most 256 bytes |
| CVE-2022-42719 | RCE | wifi: mac80211: fix MBSSID parsing use-after-free -> use-after-free condition |
| CVE-2022-42720 | RCE | wifi: cfg80211: fix BSS reference counting errors -> use-after-free possibilities |
| CVE-2022-42721 | DoS | wifi: cfg80211: avoid corruption of the nontransmitted BSS list -> list corruption; according to Johannes, however, it will only result in an endless loop |
| CVE-2022-42722 | DoS | wifi: mac80211: fix crash in beacon protection for P2P -> NULL pointer dereference crash |

The developers have submitted patches to close the security holes in the Linux kernel. According to Meissner, they should be merged in the coming days. Huster states that some of the vulnerabilities have been present since kernel 5.1-rc1, and others only since version 5.2-rc1 of the operating system kernel.

Linux administrators who use WLAN and have it activated should use their distribution's package manager to promptly look for and install available kernel updates. Recently, some components of the nftables firewall were responsible for vulnerabilities in the Linux kernel that could have allowed attackers to escalate their privileges.
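A quick triage along these lines, as an added example that is not from the article or the kernel developers: it places a kernel release in the 5.1/5.2 introduction windows named above and lists cfg80211-backed interfaces. The function names and result strings are made up for this sketch, and because the article gives no fixed versions, it cannot tell whether a distribution kernel already carries the patches.

```shell
#!/bin/sh
# Added triage example: constructed for this article, not vendor tooling.

# ver_ge A B: succeed when kernel release A is at least B (major.minor only).
# Accepts release strings such as "5.15.0-48-generic" or "5.1.0-rc1".
ver_ge() {
    a_major=${1%%.*}; a_rest=${1#*.}; a_minor=${a_rest%%[!0-9]*}
    b_major=${2%%.*}; b_rest=${2#*.}; b_minor=${b_rest%%[!0-9]*}
    [ "$a_major" -gt "$b_major" ] && return 0
    [ "$a_major" -eq "$b_major" ] && [ "${a_minor:-0}" -ge "${b_minor:-0}" ]
}

# exposure_window KVER: which introduction window from the article applies.
exposure_window() {
    if ver_ge "$1" 5.2; then echo all      # code from 5.1-rc1 and 5.2-rc1 present
    elif ver_ge "$1" 5.1; then echo some   # only the code introduced in 5.1-rc1
    else echo none
    fi
}

# wlan_ifaces [DIR]: print interfaces that have a cfg80211 phy (phy80211 link).
# DIR defaults to /sys/class/net; it is a parameter so the check can be tested.
wlan_ifaces() {
    dir=${1:-/sys/class/net}
    for p in "$dir"/*; do
        [ -e "$p/phy80211" ] && echo "${p##*/}"
    done
    return 0
}

# triage KVER [DIR]: one-line verdict. Version alone cannot show patch status,
# so the strongest result is a prompt to check the distribution's updates.
triage() {
    win=$(exposure_window "$1")
    wl=$(wlan_ifaces "$2")
    if [ "$win" = none ]; then
        echo "kernel-predates-affected-code"
    elif [ -z "$wl" ]; then
        echo "no-wlan-interface"
    else
        echo "check-for-kernel-update window=$win ifaces=$(echo $wl)"
    fi
}

triage "$(uname -r)"
```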


(DMK)
