[German]Once again, a violent bug has been discovered in the Linux kernel that allows an attack on machines via Wi-Fi. Attackers can crash or even attack the machines via the vulnerability. The bug has been in the Linux kernel since 2013.
The Bug has been mentioned on Twitter by Mico Waisman, who recently found the bug.
Found this bug on Monday. An overflow on the linux rtlwifi driver on P2P (Wifi-Direct), while parsing Notice of Absence frames.
The bug has been around for at least 4 years https://t.co/rigXOEId29 pic.twitter.com/vlVwHbUNmf
— Nico Waisman (@nicowaisman) October 17, 2019
The error occurs with Wi-Fi direct connections in the Realtek Linux rtlwifi driver and causes a buffer overflow. There is now an entry CVE-2019-17666 for this bug. Arstechnica has published an article with further information on this topic here.