Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise
A security researcher with Github recently uncovered a critical security flaw in a Wi-Fi driver for Linux that could enable threat actors to remotely take control of vulnerable machines.
The flaw, tracked as CVE-2019-17666, affects the “rtlwifi” driver, which is vulnerable to a buffer overflow attack. The researcher said that “the vulnerability triggers an overflow, which means it could make Linux crash or if a proper exploit is written (which is not trivial), an attacker could obtain remote code-execution.” The bug has been present in Linux systems for about 4 years. So far no patch has been made available.