In association with heise online

23 May 2007, 16:42

Fix for Madwifi WLAN driver

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Version of the madwifi Linux driver for Atheros-based WLAN cards was released today to remedy three flaws caused by insufficient parameter checking. Attackers were able to exploit these holes to carry out local and remote denial-of-service attacks, effectively cutting off WLAN use. It seems that only local attackers would have also been able to write into kernel memory, but the developers were not able to verify this.

The bugs were discovered in driver version 0.9.3, but they probably also exist in older versions. The developers therefore recommend that all madwifi users upgrade to the latest version as quickly as possible. Currently, the sources are available, with compiled packets to be released for various distributions in the next few days.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit