WLAN Vulnerabilities Discovered in Linux Kernel

WLAN Vulnerabilities Discovered in Linux Kernel

WLAN Vulnerabilities Discovered in Linux Kernel


Linux Kernel WLAN Remote Code Execution Vulnerabilities

On October 13, security researcher Sönke Huster of TU-Darmstadt introduced a POC detailing several CVEs, including CVE-2022-42719 and CVE-2022-42720. Both are remote code execution (RCE) vulnerabilities in the Linux kernel WiFi stack present from 5.2-rc1 forward. Both are expected to score a CVSSv3 of 7.3, making these High-importance vulnerabilities. 

The vulnerabilities can be exploited over-the-air via malicious packets on untrusted wireless networks through a buffer overwrite within the Linux kernel’s mac80211 framework. Successful exploitation of an RCE vulnerability could lead to the attacker gaining access to an application or the system. This can allow the attacker to access and inject additional code or instructions into the underlying device’s commands or processes.

In all, five total CVEs were discovered during POC research and disclosed. These include:

  • CVE-2022-41674: Remote Code Execution, CVSSv3 7.3 High

  • CVE-2022-42719: Remote Code Execution, CVSSv3 7.3 High

  • CVE-2022-42720: Remote Code Execution, CVSSv3 7.3 High

  • CVE-2022-42721: Denial of Service, CVXXv3 5.7 Medium

  • CVE-2022-42722: Denial of Service, CVXXv3 5.5 Medium

Fixes for the vulnerabilities have been merged by Linus, but will take some time to trickle down to the various distros. 

These vulnerabilities are likely to be most impactful for Android devices and Linux Workstations (with definite impact on any servers that happen to use a WiFi adapter as well). 

Automox recommends evaluating your fleet to understand any potential exposure and applying patches to your Linux systems as they become available from the major distros over the coming hours/days. 

We provides a 100% CloudNative IT Endpoint operations platform for modern organizations. As a comprehensive EndPointManagement Platform, it has advanced SoftwareManagement for PatchManagement, Adding, Removing, and Updating Software, Changing and Configure Settings along with PolicyManagement on any device or operating system located anywhere in the world and at any time. With the push of a button, ITAdministartors can fix CriticalVulnerabilities faster, slash cost and complexity, and win back hours in the day.If you want to know more kindly Click here

© 2023 SRC Cyber Solutions LLP. All Rights Reserved.