A flaw was found in the Linux kernels implementation of RealTek wireless drivers Wifi-direct (or wifi peer-to-peer) driver implementation. When the RealTek wireless networking hardware. is configured to accept Wifi-Direct (or Wifi P2P) connections an attacker within wireless network connectivity radio range is able to exploit a flaw in the Wifi-direct protocol known as "Notice of Absense" by creating specially crafted frames which can corrupt kernel memory as the upper bounds on the lenth of the frame is unchecked and supplied by the incoming packet. At this time, Red Hat Enterprise Linux 6 and 7 and 8 do not enable Wifi-Direct by default, but a privileged user can use standard command line tooling available to enable this feature allowing it to be attacked.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1763692]
External References: https://arstechnica.com/information-technology/2019/10/unpatched-linux-flaw-may-let-attackers-crash-or-compromise-nearby-devices/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c55dedb795be8ec0cf488f98c03a1c2176f7fb1
Hello! The information seems to check out, thank you very much for this improvement!
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0328 https://access.redhat.com/errata/RHSA-2020:0328
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:0339 https://access.redhat.com/errata/RHSA-2020:0339
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-17666
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.5 Extended Update Support Via RHSA-2020:0543 https://access.redhat.com/errata/RHSA-2020:0543
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Via RHSA-2020:0661 https://access.redhat.com/errata/RHSA-2020:0661
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0740 https://access.redhat.com/errata/RHSA-2020:0740
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:0831 https://access.redhat.com/errata/RHSA-2020:0831
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0834 https://access.redhat.com/errata/RHSA-2020:0834
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:0839 https://access.redhat.com/errata/RHSA-2020:0839
This issue has been addressed in the following products: Red Hat Enterprise MRG 2 Via RHSA-2020:1353 https://access.redhat.com/errata/RHSA-2020:1353
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Advanced Update Support Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions Red Hat Enterprise Linux 7.4 Telco Extended Update Support Via RHSA-2020:1347 https://access.redhat.com/errata/RHSA-2020:1347
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Advanced Update Support Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions Red Hat Enterprise Linux 7.3 Telco Extended Update Support Via RHSA-2020:1473 https://access.redhat.com/errata/RHSA-2020:1473
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Extended Update Support Via RHSA-2020:1465 https://access.redhat.com/errata/RHSA-2020:1465
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:1524 https://access.redhat.com/errata/RHSA-2020:1524