On CBS MoneyWatch: The perfect car for a teenager
BNET Business Network:
BNET
TechRepublic
ZDNet

November 5th, 2008

Remote buffer overflow bug bites Linux Kernel

Posted by Ryan Naraine @ 9:03 am

Categories: Arbitrary Code Execution, Denial of Service (DoS), Exploit code, Kernel-level Exploits, Linux, Open source, Patch Watch, Pen testing, Responsible disclosure, Vulnerability research

Tags: Linux Kernel, Buffer-overflow, Wireless Network, Linux, Wi-Fi, Wireless, Security, Open Source, Operating Systems, Software

Remote buffer overflow flaw in Linux KernelA remote buffer overflow vulnerability in the Linux Kernel could be exploited by attackers to execute code or cripple affected systems, according to a Gentoo bug report that just became public.

The flaw could allow malicious hackers to launch arbitrary code with kernel-level privileges.  This could lead to complete system compromise or, in some cases if an exploit fails, result in denial-of-service attacks.

This from the Gentoo bug report:

  • Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. If ndiswrapper is in use, a physically near-by attacker could generate specially crafted wireless network traffic and crash the system, leading to a denial of service.

Secunia rates this a “moderately critical” vulnerability:

  • The vulnerability is caused due to a boundary error in the ndiswrapper kernel driver when processing wireless network packets. This can be exploited to cause a buffer overflow via an overly long ESSID (Extended Service Set Identifier). Successful exploitation may allow execution of arbitrary code.

The vulnerability (CVE-2008-4395) affects Linux Kernel 2.6.27.   As a temporary mitigation, Linux users should disable wireless network card that are not in use.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 119 Talkback(s)
LD's WHOLE POST is obviously a joke.
Nobody could actually be that stupid for real, duh. (Read the rest)
Posted by: AzuMao Posted on: 11/11/08 You are currently: a Guest | | Terms of Use
So it ISN'T a kernel bug  Real World | 11/05/08
It is  soulxfer@... | 11/05/08
Here is how you know that it isn't  Real World | 11/05/08
A distinction without a difference  Yagotta B. Kidding | 11/05/08
It matters in knowing where to point the blame  Michael Kelly | 11/05/08
Raise the bar  Real World | 11/05/08
Use same scale  soulxfer@... | 11/05/08
It's a word choice  Michael Kelly | 11/05/08
For what it's worth  Real World | 11/05/08
Yes but sometime it is a driver that is supplied...  mrlinux | 11/06/08
How many... PLENTY  shryko | 11/06/08
NDISWrapper  daengbo | 11/06/08
RE: Remote buffer overflow bug bites Linux Kernel  Linux User 147560 | 11/05/08
Already fixed!  SpikeyMike | 11/05/08
LOL  Linux User 147560 | 11/05/08
But not already deployed....  dunn@... | 11/05/08
Deploy it then  AzuMao | 11/05/08
Ubuntu, according to your URL, is what's affected.....  btljooz | 11/06/08
Yet another "interesting" URL  btljooz | 11/06/08
RE: Remote buffer overflow bug bites Linux Kernel  Loverock Davidson | 11/05/08
Competency...  SpikeyMike | 11/05/08
Its not my fault  Loverock Davidson | 11/05/08
LOL, when did you ever see Windows source code?  fr0thy2 | 11/05/08
Ive seen windows Source code  Aussie_Troll | 11/06/08
According to my spies at MS...  fairportfan | 11/06/08
Since he has the word "troll" in his name...  hasta la Vista, bah-bie | 11/06/08
You have to give him some points  GuidingLight | 11/05/08
GL you gave me a great idea ...  fr0thy2 | 11/05/08
Maybe not introducing bugs but tricking linux to fail  clareJ | 11/06/08
what did you expect?  doh123 | 11/05/08
Yes I do  Loverock Davidson | 11/05/08
LD wants it both ways.  b.bob | 11/05/08
No  TedKraan | 11/06/08
Huh?  todbran@... | 11/05/08
LOL!  Loverock Davidson | 11/05/08
Todbran = slow in the head?  AzuMao | 11/06/08
Well if it's satire...  hasta la Vista, bah-bie | 11/07/08
No  AzuMao | 11/07/08
Loverock - Miss Trolliverse 2008  Don Collins | 11/06/08
You made my day, lol.  AzuMao | 11/06/08
Ho-hummm.... zzzzz.....  Four-Eyes | 11/06/08
Or...  awasson@... | 11/07/08
Reboot Linux after Driver update?  satovey@... | 11/10/08
LD's WHOLE POST is obviously a joke.  AzuMao | 11/11/08
LOL!!  Loverock Davidson | 11/05/08
only to you  TedKraan | 11/06/08
ROTFLMAO!!!!  Loverock Davidson | 11/05/08
get up off the floor  sir4taye@... | 11/05/08
OpenBSD 4.4 released on Saturday 11/01/08!!  Loverock Davidson | 11/05/08
This is hard to watch.  kozmcrae | 11/05/08
It is for linux users!  Loverock Davidson | 11/05/08
Loverock - Miss Trolliverse 2008  Don Collins | 11/06/08
RE: This is hard to watch  bfilipiak@... | 11/05/08
The answer to that is simple...  fairportfan | 11/06/08
Sorry to point it out but  TedKraan | 11/06/08
Orion -uh, no...  pgit | 11/06/08
Richard Stallman nods sagely  Yagotta B. Kidding | 11/05/08
Wow, LD  Yagotta B. Kidding | 11/05/08
Looks like I get to download a new Linux kernel next week  John L. Ries | 11/05/08
Since it's not the kernel itself  Linux User 147560 | 11/05/08
Actually  AzuMao | 11/05/08
Correction  Necrolin | 11/05/08
Time to stop buying  TedKraan | 11/06/08
I stand corrected.  AzuMao | 11/06/08
If You're a Linux User then you fix it yourself...  dunn@... | 11/05/08
I am a participant.  Real World | 11/05/08
You don't have to write code  AzuMao | 11/05/08
You don't need a new kernel.  Henrik Moller | 11/06/08
Correct  TedKraan | 11/06/08
LD, your limited abilities don't even allow you to do some research??  here and there | 11/05/08
Look up the word "satire".  AzuMao | 11/05/08
whoa... lots of hate here  isulzer | 11/05/08
If a kernel is at fault  Michael Kelly | 11/05/08
read my post again.  isulzer | 11/05/08
Ok  Real World | 11/05/08
yep.  isulzer | 11/05/08
I understand that  Michael Kelly | 11/06/08
In otherwords  AzuMao | 11/05/08
My OS is safe  daengbo | 11/06/08
Had an update waiting...  todbran@... | 11/05/08
whats funny about this  Aussie_Troll | 11/05/08
Other than Web Products Linux is always...  dunn@... | 11/05/08
I went there.  todbran@... | 11/06/08
if it is too hard for you...  SpikeyMike | 11/05/08
heh.  isulzer | 11/05/08
Ah Martin from Australia I presume ...  fr0thy2 | 11/05/08
Clueless tossers  Kaiwai | 11/05/08
Correct. Only machines using NDISwrapper affected.  AndyCee | 11/05/08
Don't install it?  isulzer | 11/05/08
No need to uninstall it  Kaiwai | 11/05/08
Typical Linux fanboi response.  tonymcs@... | 11/05/08
You're being sarcastic  AzuMao | 11/05/08
Coming from an idot named tony  Kaiwai | 11/05/08
Jobs in IT  fr0thy2 | 11/05/08
I wish that were the case  Kaiwai | 11/06/08
You do touch a valid point here  TedKraan | 11/06/08
Jobs in IT  satovey@... | 11/10/08
RE: Remote buffer overflow bug bites Linux Kernel  mrdt | 11/05/08
It only affects users on ndiswrapper!  Zogg | 11/05/08
Yes, a consistant patch day  LiquidLearner | 11/05/08
A consistent patch day...  fairportfan | 11/06/08
LD please don't hurt your brain reading this.  a foot in both camps | 11/05/08
You fool  AzuMao | 11/05/08
You could have fooled me  a foot in both camps | 11/09/08
Then explain this..  AzuMao | 11/10/08
It IS a Kernel bug  Aussie_Troll | 11/06/08
No, it isn't  Real World | 11/06/08
RE: Remote buffer overflow bug bites Linux Kernel  tom@... | 11/05/08
or maybe they couldn't afford  TedKraan | 11/06/08
RE: Remote buffer overflow bug bites Linux Kernel  nospam@... | 11/05/08
Linux can.......  todbran@... | 11/06/08
WRONG  AzuMao | 11/06/08
RE: Remote buffer overflow bug bites Linux Kernel  ghot@... | 11/05/08
RE: Remote buffer overflow bug bites Linux Kernel  SysAdminII | 11/06/08
Proprietary driver  SpikeyMike | 11/06/08
No  AzuMao | 11/06/08
net-wireless/ndiswrapper  Gradius2 | 11/06/08
What do I think?  awasson@... | 11/07/08
It would definitely NOT be a cause for celebration if there were a real  AzuMao | 11/08/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

  • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
  • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
  • Smart People The best and worst moves in the management and strategy trenches. Learn More