Remote buffer overflow bug bites Linux Kernel

Remote buffer overflow flaw in Linux KernelA remote buffer overflow vulnerability in the Linux Kernel could be exploited by attackers to execute code or cripple affected systems, according to a Gentoo bug report that just became public.

The flaw could allow malicious hackers to launch arbitrary code with kernel-level privileges. This could lead to complete system compromise or, in some cases if an exploit fails, result in denial-of-service attacks.

This from the Gentoo bug report:

  • Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. If ndiswrapper is in use, a physically near-by attacker could generate specially crafted wireless network traffic and crash the system, leading to a denial of service.

Secunia rates this a “moderately critical” vulnerability:

  • The vulnerability is caused due to a boundary error in the ndiswrapper kernel driver when processing wireless network packets. This can be exploited to cause a buffer overflow via an overly long ESSID (Extended Service Set Identifier). Successful exploitation may allow execution of arbitrary code.

The vulnerability (CVE-2008-4395) affects Linux Kernel 2.6.27. As a temporary mitigation, Linux users should disable wireless network card that are not in use.

[Source: zdnet]